Lucene search
China National Vulnerability DatabaseCNVD-2023-06521HistoryJan 17, 2023 - 12:00 a.m.
Online Food Ordering System SQL Injection Vulnerability (CNVD-2023-06521)
2023-01-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
online food ordering
sql injection
vulnerability
cnvd-2023-06521
login page
database security
external input validation
0.002 Low
EPSS
Percentile
54.8%
Online Food Ordering System is an online food ordering system. an SQL injection vulnerability exists in Online Food Ordering System, which originates from the missing Username parameter in the file /fos/admin/ajax.php? action = login on the componentβs login page. validation of external input SQL statements, which can be exploited to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| online food ordering system online food ordering system | eq | 2.0 |
Related
nvd
nvd
CVE-2023-0256
2023-01-12 22:15:09
cve
cve
CVE-2023-0256
2023-01-12 22:15:09
cvelist
cvelist
prion
prion
Sql injection
2023-01-12 22:15:00