Food-order-and-table-reservation-system is enabling users to order food online and reserve a table for dine-in if there is no delivery option. food-order-and-table-reservation-system version 1.0 is vulnerable to an SQL injection vulnerability that originates in the categorywise-menu.php page where the catid parameter lacks validation for external input SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
CPE | Name | Operator | Version |
---|---|---|---|
food-order-and-table-reservation-system food-order-and-table-reservation-system | eq | 1.0 |