RSS   Vulnerabilities for 'Online food ordering web app'   RSS

2021-10-01
 
CVE-2021-41647

CWE-89
 

 
An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable "username" parameter in login.php and retrieve sensitive database information, as well as add an administrative user.

 


Copyright 2024, cxsecurity.com

 

Back to Top