CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9085 – code-projects Restaurant Reservation System index.php sql injection
https://notcve.org/view.php?id=CVE-2024-9085
A vulnerability was found in code-projects Restaurant Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument date leads to sql injection. The attack may be initiated remotely. • https://code-projects.org https://github.com/ppp-src/a/issues/18 https://vuldb.com/?ctiid.278261 https://vuldb.com/?id.278261 https://vuldb.com/?submit.411848 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26773
https://notcve.org/view.php?id=CVE-2020-26773
Restaurant Reservation System 1.0 suffers from an authenticated SQL injection vulnerability, which allows a remote, authenticated attacker to execute arbitrary SQL commands via the date parameter in includes/reservation.inc.php. Restaurant Reservation System versión 1.0, sufre una vulnerabilidad de inyección SQL autenticada, que permite a un atacante autenticado y remoto ejecutar comandos SQL arbitrarios por medio del parámetro date en el archivo includes/reservation.inc.php • https://packetstormsecurity.com/files/159475/Restaurant-Reservation-System-1.0-SQL-Injection.html https://www.sourcecodester.com/php/14482/restaurant-reservation-system-php-full-source-code-2020.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •