CVE-2023-36968

HIGH

Food Ordering System v1.0 - SQL Injection

Title source: llm
STIX 2.1

Description

A SQL Injection vulnerability detected in Food Ordering System v1.0 allows attackers to run commands on the database by sending crafted SQL queries to the ID parameter.

Scores

CVSS v3 7.2
EPSS 0.0090
EPSS Percentile 55.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-89
Status published
Products (1)
food_ordering_system_project/food_ordering_system 1.0
Published Jul 06, 2023
Tracked Since Feb 18, 2026