SQL Injection Vulnerability in Restaurant Table Booking System by Serhatcck
CVE-2023-48016

7.5HIGH

Key Information:

Vendor: PHPgurukul
Status: Restaurant Table Booking System
Vendor: CVE Published:; 1 December 2023

Summary

The Restaurant Table Booking System V1.0 is susceptible to SQL injection attacks via the 'username' parameter in the rtbs/admin/index.php file. This vulnerability allows an attacker to manipulate database queries, potentially leading to unauthorized access, data leakage, or other malicious activities. It is essential for users and administrators to apply patches and take preventive measures to safeguard their systems from exploitation.

References

https://github.com/Serhatcck/cves/blob/main/CVE-2023-4801...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 1, 2023
Vulnerability Reserved
Nov 13, 2023

Collectors

NVD DatabaseMitre Database