7 matches found
CVE-2020-29284
The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the tableid parameter which allows unauthenticated SQL Injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?tableid= to trigger the...
Sourcecodester Multi Restaurant Table Reservation System 1.0 - SQL Injection
Sourcecodester Multi Restaurant Table Reservation System 1.0 contains a SQL injection vulnerability via the file view-chair-list.php. It does not perform input validation on the tableid parameter, which allows unauthenticated SQL injection. An attacker can send malicious input in the GET request ...
Arbitrary Code Injection Over HTTP Traffic (CVE-2020-21176; CVE-2020-25042; CVE-2020-26248; CVE-2020-26712; CVE-2020-28994; CVE-2020-29284; CVE-2020-6308; CVE-2021-25912)
Arbitrary Code Injections Over HTTP Traffic...
CVE-2020-29284
The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the tableid parameter which allows unauthenticated SQL Injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?tableid= to trigger the...
CVE-2020-29284
CVE-2020-29284 affects Sourcecodester Multi Restaurant Table Reservation System 1.0. The file view-chair-list.php does not validate the table_id parameter, enabling unauthenticated SQL injection via GET requests to /dashboard/view-chair-list.php?table_id=; multiple sources (NVD/Red Hat/Nuclei/NVD...
CVE-2020-29284
The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the tableid parameter which allows unauthenticated SQL Injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?tableid= to trigger the...
SQL Servers Time-based SQL Injection (CVE-2011-4710; CVE-2019-13978; CVE-2019-16065; CVE-2019-16119; CVE-2019-16383; CVE-2019-16692; CVE-2020-15468; CVE-2020-26518; CVE-2020-29284; CVE-2021-21915; CVE-2021-21916; CVE-2021-21917; CVE-2022-23337; CVE-2022-25149)
SQL injection techniques can allow remote attackers to execute SQL commands on SQL servers. Successful exploitation could allow attacker to disclose confidential information, modify or shut down the database or execute arbitrary code on affected servers...