SourceCodester Online Pizza Ordering System Login Page sql injection
CVE-2023-1455

8.1HIGH

Key Information:

Vendor: SourceCodester
Status: Online Pizza Ordering System
Vendor: CVE Published:; 17 March 2023

🔔 Create SourceCodester Vulnerability Alert

What is CVE-2023-1455?

A SQL injection vulnerability exists in the login page of the Online Pizza Ordering System by SourceCodester. This flaw arises from improper handling of user-supplied input in the 'email' argument of the action request. An attacker could exploit this vulnerability to execute arbitrary SQL commands against the database. Such an exploit may allow unauthorized access to sensitive information. Given the complexity and specific conditions required for a successful attack, it is essential for users and administrators to apply appropriate security measures to safeguard their applications.

Affected Version(s)

Online Pizza Ordering System 1.0

References

https://vuldb.com/?id.223300

vdb-entrytechnical-description

https://vuldb.com/?ctiid.223300

signature

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 17, 2023
Vulnerability Reserved
Mar 17, 2023

Credit

WWesleywww (VulDB User)

JSON