Lucene search

Iresturant Project Security Vulnerabilities

cve

CVE-2021-43438

Stored XSS in Signup Form in iResturant 1.0 Allows Remote Attacker to Inject Arbitrary code via NAME and ADDRESS...

5.4CVSS

5.3AI Score

0.001EPSS

2021-12-20 08:15 PM

cve

CVE-2021-43436

MartDevelopers Inc iResturant v1.0 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be...

5.4CVSS

5.1AI Score

0.001EPSS

2022-01-12 05:15 PM

cve

CVE-2021-43439

RCE in Add Review Function in iResturant 1.0 Allows remote attacker to execute commands...

9.8CVSS

9.6AI Score

0.004EPSS

2021-12-20 08:15 PM

cve

CVE-2021-45803

MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because this view parameter value is added to the SQL query without additional verification when viewing...

8.8CVSS

9AI Score

0.001EPSS

2022-01-25 01:15 PM

cve

CVE-2021-45802

MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because the email and phone parameter values are added to the SQL query without any verification at the time of membership...

9.8CVSS

9.8AI Score

0.003EPSS

2022-01-25 01:15 PM