CVE-2021-45802

CRITICAL

MartDevelopers iResturant 1.0 - SQL Injection

Title source: llm
STIX 2.1

Description

MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because the email and phone parameter values are added to the SQL query without any verification at the time of membership registration.

References (2)

Core 2
Core References
Broken Link x_refsource_misc
https://blog.pocas.kr/posts/sqli-iResturant/

Scores

CVSS v3 9.8
EPSS 0.0131
EPSS Percentile 67.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
iresturant_project/iresturant 1.0
Published Jan 25, 2022
Tracked Since Feb 18, 2026