CVE-2023-37627

CRITICAL

Online Restaurant Management System 1.0 - SQL Injection

Title source: llm

Description

Code-projects Online Restaurant Management System 1.0 is vulnerable to SQL Injection. Through SQL injection, an attacker can bypass the admin panel and view order records, add items, delete items etc.

References (2)

Core 2

Core References

Product

https://code-projects.org/online-restaurant-management-system-in-php-with-source-code/

Exploit, Third Party Advisory

https://gist.github.com/1337kid/d3e7702bd19cc9355a6b3f153eb2fe8e

Scores

CVSS v3 9.8

EPSS 0.0002

EPSS Percentile 6.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-89

Status published

Products (1)

code-projects/online_restaurant_management_system 1.0

Published Jul 12, 2023

Tracked Since Feb 18, 2026