302 matches found
PT-2023-30215 · Unknown · Online Matrimonial Project
Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns Unauthenticated SQL Injection vulnerabilities. Specifically, the username parameter of the "auth/auth.php" resource does not validate the characters received and they are...
PT-2023-30219 · Unknown · Online Matrimonial Project
Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns Unauthenticated SQL Injection vulnerabilities. Specifically, the filename attribute of the pic4 multipart parameter is vulnerable. Recommendations: For Online Matrimonial...
PT-2023-30221 · Unknown · Online Matrimonial Project
Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns Unauthenticated SQL Injection vulnerabilities. Specifically, the email parameter in the register function of the functions.php file is vulnerable. Recommendations: For...
PT-2023-30224 · Unknown · Online Matrimonial Project
Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns Unauthenticated SQL Injection vulnerabilities. Specifically, the name parameter in the register function of the functions.php file is vulnerable. Recommendations: For Onli...
CVE-2023-45345
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'deleted' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45338
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the routers/add-ticket.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45345
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'deleted' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45347
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'verified' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45343
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'ticketid' parameter of the routers/ticket-message.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45343
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'ticketid' parameter of the routers/ticket-message.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45341
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'price' parameter of the routers/menu-router.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45336
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'password' parameter of the routers/router.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45338
The CVE-2023-45338 entry concerns Online Food Ordering System v1.0, with multiple unauthenticated SQL Injection flaws in the routers/add-ticket.php id parameter. The root cause is insufficient input validation, sending unfiltered input to the database. Documented impact is high on confidentiality...
CVE-2023-45343 Online Food Ordering System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'ticketid' parameter of the routers/ticket-message.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45343
CVE-2023-45343 : Multiple unauthenticated SQL Injection vulnerabilities affect Online Food Ordering System v1.0. The issue stems from insufficient validation of the ticket_id parameter in routers/ticket-message.php, which passes unfiltered input to the database. Public sources in the connected do...
CVE-2023-45344 Online Food Ordering System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'balance' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45342
CVE-2023-45342 affects Online Food Ordering System v1.0 and describes multiple unauthenticated SQL injection vulnerabilities in routers/register-router.php, caused by insufficient validation of the phone parameter, which is sent unfiltered to the database. Red Hat’s advisory mirrors the descripti...
CVE-2023-45329
Affected software: Online Food Ordering System, version 1.0. Vulnerability: unauthenticated SQL injection in routers/add-users.php; the unvalidated role parameter is sent to the database. Impact: potential for unauthorized data access/modification as described. Exploitation details: not provided ...
CVE-2023-45328
CVE-2023-45328 is rejected/not used and does not represent an active vulnerability entry.
CVE-2023-45325 Online Food Ordering System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'address' parameter of the routers/add-users.php resource does not validate the characters received and they are sent unfiltered to the database...