14 matches found
CVE-2025-3339
CVE-2025-3339 affects the open-source tool codeprojects Online Restaurant Management System 1.0 . The vulnerability exists in an unknown functionality of the file /admin/user_update.php where manipulation of the ID parameter leads to SQL injection . It is exploitable remotely and exploitation has...
CVE-2025-3338
CVE-2025-3338 affects codeprojects Online Restaurant Management System 1.0. An SQL injection vulnerability exists in the /admin/user_save.php endpoint, via the Name parameter, with remote access and publicly disclosed exploit information. Multiple sources confirm impact to confidentiality, integr...
CVE-2025-3340
CVE-2025-3340 relates to a SQL injection in codeprojects Online Restaurant Management System v1.0, specifically in the file /admin/combo_update.php where manipulating the ID parameter can be exploited remotely. Multiple sources (NVD/NIST, Red Hat, CVELIST, CNNVD, Vulner enrichments) corroborate a...
CVE-2025-3343
The CVE-2025-3343 entry concerns a SQL injection in codeprojects Online Restaurant Management System v1.0. The vulnerability resides in /admin/reservation_update.php where an attacker can manipulate the ID argument to trigger SQL injection, with remote exploitation and public disclosure of the ex...
CVE-2025-3345
CVE-2025-3345 affects codeprojects Online Restaurant Management System version 1.0. The vulnerability is in the /admin/combo.php script, where the del parameter can be manipulated to trigger an SQL injection. The issue is exploitable remotely and has been publicly disclosed. Multiple sources clas...
CVE-2025-3334
Codeprojects Online Restaurant Management System 1.0 is affected via the /admin/category_save.php endpoint, where unsafely handling the Category parameter yields SQL injection. The issue is remotely exploitable and reportedly disclosed publicly. Root cause: improper validation/escaping of the Cat...
CVE-2025-3341
Codeprojects Online Restaurant Management System 1.0 is affected by a SQL injection in the /admin/reservation_view.php file, caused by improper handling of the ID parameter. Exploitation can be performed remotely and publicly disclosed details exist across multiple sources (e.g., NVD, Red Hat, CV...
CVE-2025-3332
CVE-2025-3332 affects codeprojects Online Restaurant Management System 1.0. The vulnerability is an SQL injection in the /admin/menu_save.php file triggered by manipulating the menu argument. It is realizable remotely and has been disclosed publicly. Several trusted sources (NVD, Red Hat, CVE lis...
CVE-2025-3344
The CVE-2025-3344 entry concerns codeprojects Online Restaurant Management System 1.0. Affected component: the function handling the ID argument in /admin/assign_save.php. Root cause: SQL injection via manipulation of the ID parameter, enabling remote exploitation. Exploit has been publicly discl...
CVE-2023-37627
CVE-2023-37627 affects Code-projects Online Restaurant Management System 1.0. The vulnerability is an SQL Injection that can bypass the admin panel and allow viewing order records, and enabling adding or deleting items. Some connected data indicates a PoC exists, suggesting exploitation may be de...
CVE-2025-3333
CVE-2025-3333 affects codeprojects Online Restaurant Management System 1.0. The vulnerability lies in the file /admin/menu_update.php where the manipulation of the menu argument enables SQL injection. The issue is exploitable remotely over network with no privileges required and no user interacti...
CVE-2025-3342
CVE-2025-3342 affects codeprojects Online Restaurant Management System 1.0, specifically the /admin/payment_save.php path. The vulnerability arises from improper handling/manipulation of the ID parameter, leading to SQL injection. Impact is reported as remote, with public disclosure of the exploi...
CVE-2025-3331
Summary: CVE-2025-3331 affects codeprojects Online Restaurant Management System 1.0. The vulnerability lies in the /payment_save.php handler where the manipulation of the mode argument enables SQL injection. This can be exploited remotely, and public disclosures exist. What’s affected: codeprojec...
CVE-2025-3330
CVE-2025-3330 affects codeprojects Online Restaurant Management System v1.0, with SQL injection in /reservation_save.php caused by manipulating the first parameter. Exploitation can be remote and public; multiple connected sources confirm. The vulnerability stems from unsafe handling of a user-su...