| 제목 | Food Ordering Website |
|---|
| 설명 | Vulnerable code: https://github.com/Sakshi2610/food_ordering_website/blob/main/foodwebsite/categoryfood.php
# Food Ordering Website 1.0 has a SQL injection vulnerability in categoryfood.php
## Software
- Software: Food Ordering Website 1.0
- Software Link: https://github.com/Sakshi2610/food_ordering_website
- Vulnerability Type: SQLi
- Attack Type: Remote
- Vendor of Product: Github
## Description
A vulnerability has been found in Github Food Ordering Website 1.0 and classified as critical. Github Food Ordering Website 1.0 has a SQL injection vulnerability in categoryfood.php. The manipulation of the argument `id` leads to SQLi. Remote attackers can leverage this to view, modify, and delete database contents.
My github writeup: https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/Food-Ordering-Website%20SQLi.md |
|---|
| 원천 | ⚠️ https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/Food-Ordering-Website%20SQLi.md |
|---|
| 사용자 | error404unknown (UID 53361) |
|---|
| 제출 | 2023. 09. 06. AM 04:56 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 09. 16. AM 08:37 (10 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 239855 [Sakshi2610 Food Ordering Website 1.0 categoryfood.php 아이디 SQL 주입] |
|---|
| 포인트들 | 18 |
|---|