CVE-2023-45325

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 2, 2023
Updated: Nov 9, 2023
CWE ID 89

Summary

CVE-2023-45325 is a vulnerability affecting the Online Food Ordering System v1.0. This issue allows unauthenticated attackers to inject SQL queries into the application by exploiting the lack of input validation for the 'address' parameter in the routers/add-users.php resource. As a result, attackers can manipulate or extract sensitive data from the database, potentially leading to data breaches or system compromises. This vulnerability underscores the importance of proper input validation and sanitization to prevent SQL injection attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share