5 matches found
CVE-2020-36550
Cross Site Scripting XSS vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Table Name field to /dashboard/table-list.php...
CVE-2020-36552
CVE-2020-36552 affects SourceCodester Multi Restaurant Table Reservation System 1.0. The vulnerability is a reflected XSS via the Made field to /dashboard/menu-list.php, allowing execution of arbitrary scripts in the context of the affected site. The NVD CVSS v3.1 base score is 5.4 (MEDIUM), with...
CVE-2020-36553
CVE-2020-36553 is an XSS vulnerability affecting SourceCodester Multi Restaurant Table Reservation System 1.0. The issue is triggered via the Area(food_type) field when accessing /dashboard/menu-list.php. Connected documents consistently describe a cross-site scripting vulnerability in the same p...
CVE-2021-44091
CVE-2021-44091 targets SourceCodester/ Courcecodester Multi Restaurant Table Reservation System 1.0. The XSS vulnerability occurs in register.php via the fullname, phone and address parameters, allowing injection of client-side code. Public documentation from multiple sources (CNVD/CNNVD, NVD/CVE...
Sql injection
The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the tableid parameter which allows unauthenticated SQL Injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?tableid= to trigger the...