SourceCodester Canteen Management System removeOrder.php query sql injection
CVE-2023-0781
9.8CRITICAL
What is CVE-2023-0781?
A vulnerability exists in the SourceCodester Canteen Management System version 1.0 that allows attackers to perform SQL injection via the 'id' parameter in the removeOrder.php file. This flaw can be exploited remotely, enabling unauthorized access to the database. If successfully exploited, it allows attackers to manipulate the query to compromise the web application and potentially exfiltrate sensitive data. Immediate attention and patching are recommended to mitigate risks associated with this vulnerability.
Affected Version(s)
Canteen Management System 1.0