Online Food Ordering System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
CVE-2023-45342
9.8CRITICAL
What is CVE-2023-45342?
The Online Food Ordering System v1.0 is susceptible to multiple unauthenticated SQL injection vulnerabilities. Specifically, the 'phone' parameter in the routers/register-router.php resource fails to properly sanitize input, allowing an attacker to manipulate SQL queries by injecting malicious code. This security flaw could enable unauthorized access to sensitive database information, posing a significant risk to data integrity and confidentiality.
Affected Version(s)
Online Food Ordering System 1.0