Lucene search

K
cve[email protected]CVE-2023-29849
HistoryApr 24, 2023 - 3:15 p.m.

CVE-2023-29849

2023-04-2415:15:08
CWE-89
web.nvd.nist.gov
16
cve-2023-29849
bang resto
sql injection
btnmenuitemid
itemid
itemprice
menuid
staffid
itemqty
nvd

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.006 Low

EPSS

Percentile

77.9%

Bang Resto 1.0 was discovered to contain multiple SQL injection vulnerabilities via the btnMenuItemID, itemID, itemPrice, menuID, staffID, or itemqty parameter.

Affected configurations

NVD
Node
hockeycomputindobang_restoMatch1.0

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.006 Low

EPSS

Percentile

77.9%