2 matches found
CVE-2023-0256
SourceCodester Online Food Ordering System 2.0 has a SQL injection vulnerability in the login API endpoint /fos/admin/ajax.php?action=login, caused by unsafely handling the Username parameter. This can be exploited remotely without user interaction. Affected component: Login Page, specifically th...
CVE-2023-0256 SourceCodester Online Food Ordering System Login Page sql injection
A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file /fos/admin/ajax.php?action=login of the component Login Page. The manipulation of the argument Username leads to sql injection. It is possib...