CVE-2023-37627

CRITICAL

Code-projects Online Restaurant Management System - SQL Injection

Title source: rule

Description

Code-projects Online Restaurant Management System 1.0 is vulnerable to SQL Injection. Through SQL injection, an attacker can bypass the admin panel and view order records, add items, delete items etc.

References (2)

[Product] https://code-projects.org/online-restaurant-management-system-in-php-with-source-code/

[Exploit, Third Party Advisory] https://gist.github.com/1337kid/d3e7702bd19cc9355a6b3f153eb2fe8e

Scores

CVSS v3 9.8

EPSS 0.0002

EPSS Percentile 5.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-89

Status published

Affected Products (1)

code-projects/online_restaurant_management_system

Timeline

Published Jul 12, 2023

Tracked Since Feb 18, 2026