CVE-2023-2594

HIGH

Oretnom23 Food Ordering Management System - SQL Injection

Title source: rule

Description

A vulnerability, which was classified as critical, was found in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the component Registration. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228396.

Exploits (1)

nomisec STUB 1 stars

by thehackingverse · poc

https://github.com/thehackingverse/CVE-2023-2594

View Code ZIP pw:eip

References (2)

Core 2

Core References

Permissions Required, Third Party Advisory, VDB Entry vdb-entry technical-description

https://vuldb.com/?id.228396

Permissions Required, Third Party Advisory, VDB Entry signature

https://vuldb.com/?ctiid.228396

Scores

CVSS v3 7.3

EPSS 0.0043

EPSS Percentile 62.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Details

CWE

CWE-89

Status published

Products (1)

oretnom23/food_ordering_management_system 1.0

Published May 09, 2023

Tracked Since Feb 18, 2026