SQL Injection Vulnerability in Fast Food Ordering System
CVE-2022-43081

7.5HIGH

Key Information:

Vendor: Fast Food Ordering System Project
Status: Fast Food Ordering System
Vendor: CVE Published:; 1 November 2022

🔔 Create Fast Food Ordering System Project Vulnerability Alert

What is CVE-2022-43081?

The Fast Food Ordering System version 1.0 is vulnerable to SQL injection, specifically through the /fastfood/purchase.php component. This flaw allows attackers to manipulate SQL queries by injecting malicious code, potentially compromising the integrity and confidentiality of the database. By exploiting this vulnerability, unauthorized users can gain access to sensitive information, execute arbitrary SQL commands, and affect the application's functionality, posing severe risks to both users and the vendor.

References

https://github.com/Tr0e/CVE_Hunter/blob/main/SQLi-3.md

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 1, 2022
Vulnerability Reserved
Oct 17, 2022

CVE-2022-43081 Data

JSON