CVE-2023-7100
MEDIUMPHPGurukul Restaurant Table Booking System 1.0 - SQL Injection via fdate/tdate Parameters
Title source: llmDescription
A vulnerability, which was classified as critical, was found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/bwdates-report-details.php. The manipulation of the argument fdate/tdate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
References (5)
Core 5
Core References
Third Party Advisory vdb-entry
technical-description
https://vuldb.com/?id.248952
Permissions Required, Third Party Advisory signature
permissions-required
https://vuldb.com/?ctiid.248952
Permissions Required, VDB Entry third-party-advisory
https://vuldb.com/?submit.256861
Exploit, Third Party Advisory exploit
https://medium.com/@2839549219ljk/restaurant-table-booking-system-sql-injection-vulnerability-30708cfabe03
Various Sources product
https://phpgurukul.com/
Scores
CVSS v3
6.3
EPSS
0.0010
EPSS Percentile
27.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-74
CWE-89
Status
published
Products (1)
phpgurukul/restaurant_table_booking_system
1.0
Published
Dec 25, 2023
Tracked Since
Feb 18, 2026