PHPGurukul Restaurant Table Booking System Reservation Status booking-details.php information disclosure
CVE-2023-6076

7.5HIGH

Key Information:

Vendor: PHPGurukul
Status: Restaurant Table Booking System
Vendor: CVE Published:; 10 November 2023

Summary

A vulnerability exists in the PHPGurukul Restaurant Table Booking System 1.0 that allows unauthorized access to sensitive information via the booking-details.php file. This flaw arises from improper handling of the 'bid' argument within the Reservation Status Handler, enabling remote attackers to exploit this issue and disclose confidential information.

Affected Version(s)

Restaurant Table Booking System 1.0

References

https://vuldb.com/?id.244945

vdb-entrytechnical-description

https://vuldb.com/?ctiid.244945

signaturepermissions-required

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 10, 2023
Vulnerability Reserved
Nov 10, 2023

Collectors

NVD DatabaseMitre Database

Credit

scumdestroy (VulDB User)