CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1192 – SourceCodester Multi Restaurant Table Reservation System select-menu.php sql injection
https://notcve.org/view.php?id=CVE-2025-1192
12 Feb 2025 — A vulnerability was found in SourceCodester Multi Restaurant Table Reservation System 1.0. It has been classified as critical. Affected is an unknown function of the file select-menu.php. The manipulation of the argument table leads to sql injection. It is possible to launch the attack remotely. • https://github.com/Keyand/Multi-Restaurant-Table-Reservation-System-Search/blob/main/Multi%20Restaurant%20Table%20Reservation%20System%20select-menu.php%20has%20Sqlinjection.pdf • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-1191 – SourceCodester Multi Restaurant Table Reservation System approve-reject.php sql injection
https://notcve.org/view.php?id=CVE-2025-1191
12 Feb 2025 — A vulnerability was found in SourceCodester Multi Restaurant Table Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/approve-reject.php. The manipulation of the argument breject_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Keyand/Multi-Restaurant-Table-Reservation-System-Search/blob/main/Multi%20Restaurant%20Table%20Reservation%20System%20approve-reject.php%20has%20Sqlinjection.pdf • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 3CVE-2020-35261
https://notcve.org/view.php?id=CVE-2020-35261
15 Jul 2022 — Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Restaurant Name field to /dashboard/profile.php. Una vulnerabilidad de tipo Cross Site Scripting (XSS) en sourcecodester Multi Restaurant Table Reservation System versión 1.0, por medio del campo Restaurant Name en el archivo /dashboard/profile.php • https://github.com/yunaranyancat/poc-dump/tree/main/MultiRestaurantReservationSystem/1.0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 3CVE-2020-36550
https://notcve.org/view.php?id=CVE-2020-36550
15 Jul 2022 — Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Table Name field to /dashboard/table-list.php. Una vulnerabilidad de tipo Cross Site Scripting (XSS) en sourcecodester Multi Restaurant Table Reservation System versión 1.0, por medio del campo Table Name en el archivo /dashboard/table-list.php • https://github.com/yunaranyancat/poc-dump/tree/main/MultiRestaurantReservationSystem/1.0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 3CVE-2020-36551
https://notcve.org/view.php?id=CVE-2020-36551
15 Jul 2022 — Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Item Name field to /dashboard/menu-list.php. Una vulnerabilidad de tipo Cross Site Scripting (XSS) en sourcecodester Multi Restaurant Table Reservation System versión 1.0, por medio del campo Item Name en el archivo /dashboard/menu-list.php • https://github.com/yunaranyancat/poc-dump/tree/main/MultiRestaurantReservationSystem/1.0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 3CVE-2020-36552
https://notcve.org/view.php?id=CVE-2020-36552
15 Jul 2022 — Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Made field to /dashboard/menu-list.php. Una vulnerabilidad de tipo Cross Site Scripting (XSS) en sourcecodester Multi Restaurant Table Reservation System versión 1.0, por medio del campo Made en el archivo /dashboard/menu-list.php • https://github.com/yunaranyancat/poc-dump/tree/main/MultiRestaurantReservationSystem/1.0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 3CVE-2020-36553
https://notcve.org/view.php?id=CVE-2020-36553
15 Jul 2022 — Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Area(food_type) field to /dashboard/menu-list.php. Una vulnerabilidad de tipo Cross Site Scripting (XSS) en sourcecodester Multi Restaurant Table Reservation System versión 1.0, por medio del campo Area(food_type) en el archivo /dashboard/menu-list.php • https://github.com/yunaranyancat/poc-dump/tree/main/MultiRestaurantReservationSystem/1.0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2021-44091
https://notcve.org/view.php?id=CVE-2021-44091
20 Jan 2022 — A Cross-Site Scripting (XSS) vulnerability exists in Courcecodester Multi Restaurant Table Reservation System 1.0 in register.php via the (1) fullname, (2) phone, and (3) address parameters. Se presenta una vulnerabilidad de tipo Cross-Site Scripting (XSS) en Courcecodester Multi Restaurant Table Reservation System versión 1.0, en el archivo register.php por medio de los parámetros (1) fullname, (2) phone, y (3) address • https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/janobe/Multi%20Restaurant%20Table%20Reservation%20System • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 25%CPEs: 1EXPL: 2CVE-2020-29284
https://notcve.org/view.php?id=CVE-2020-29284
02 Dec 2020 — The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter which allows unauthenticated SQL Injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?table_id= to trigger the vulnerability. El archivo view-chair-list.php en Multi Restaurant Table Reservation System versión 1.0, no lleva a cabo la comprobación de entrada en el parámetro table_id, lo que permite una inyección SQL no autent... • https://github.com/BigTiger2020/-Multi-Restaurant-Table-Reservation-System/blob/main/README.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •