SQL Injection Vulnerability in code-projects Restaurant Reservation System
CVE-2024-9811

9.8CRITICAL

Key Information:

Vendor: Code-projects
Status: Restaurant Reservation System
Vendor: CVE Published:; 10 October 2024

🔔 Create Code-projects Vulnerability Alert

What is CVE-2024-9811?

A critical SQL injection vulnerability has been detected in the code-projects Restaurant Reservation System version 1.0, specifically affecting the filter3.php file. This flaw allows an attacker to manipulate the 'company' argument, enabling them to execute unauthorized SQL commands remotely. Given its public disclosure, it poses a significant risk for exploitation, making it essential for users of this system to apply necessary security measures and updates to protect against potential attacks.

References

https://vuldb.com/?id.279963

https://vuldb.com/?ctiid.279963

https://vuldb.com/?submit.418728

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 10, 2024