CVE-2023-45325
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Nov 2, 2023
Updated: Nov 9, 2023
CWE ID 89
Summary
CVE-2023-45325 is a vulnerability affecting the Online Food Ordering System v1.0. This issue allows unauthenticated attackers to inject SQL queries into the application by exploiting the lack of input validation for the 'address' parameter in the routers/add-users.php resource. As a result, attackers can manipulate or extract sensitive data from the database, potentially leading to data breaches or system compromises. This vulnerability underscores the importance of proper input validation and sanitization to prevent SQL injection attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share