SourceCodester Friendly Island Pizza Website and Ordering System POST Parameter paypalsuccess.php sql injection
CVE-2023-1378
9.8CRITICAL
What is CVE-2023-1378?
A SQL injection vulnerability exists within the Friendly Island Pizza Website and Ordering System, specifically in the paypalsuccess.php file's POST Parameter Handler. This flaw arises from improper handling of the 'cusid' argument, allowing attackers to manipulate SQL queries. This exploitation can be conducted remotely, posing a significant risk to the integrity of the database and sensitive user information. Public disclosure of the vulnerability has raised concerns, emphasizing the need for prompt security measures to mitigate potential attacks.
Affected Version(s)
Friendly Island Pizza Website and Ordering System 1.0