SQL Injection Vulnerability in Restaurant Table Booking System by Serhatcck
CVE-2023-48016

7.5HIGH

Key Information:

Vendor: PHPgurukul
Status: Restaurant Table Booking System
Vendor: CVE Published:; 1 December 2023

What is CVE-2023-48016?

The Restaurant Table Booking System V1.0 is susceptible to SQL injection attacks via the 'username' parameter in the rtbs/admin/index.php file. This vulnerability allows an attacker to manipulate database queries, potentially leading to unauthorized access, data leakage, or other malicious activities. It is essential for users and administrators to apply patches and take preventive measures to safeguard their systems from exploitation.

References

https://github.com/Serhatcck/cves/blob/main/CVE-2023-4801...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 1, 2023
Vulnerability Reserved
Nov 13, 2023

PHPgurukul

What is CVE-2023-48016?

References

CVSS V3.1

Timeline