CVE-2023-37627: SQL Injection
First published: Wed Jul 12 2023(Updated: )
Code-projects Online Restaurant Management System 1.0 is vulnerable to SQL Injection. Through SQL injection, an attacker can bypass the admin panel and view order records, add items, delete items etc.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Code-projects Online Restaurant Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-37627?
CVE-2023-37627 is a vulnerability in the Code-projects Online Restaurant Management System 1.0 that allows SQL Injection.
How does CVE-2023-37627 affect the system?
CVE-2023-37627 allows an attacker to bypass the admin panel and perform actions such as viewing order records, adding items, and deleting items.
What is the severity of CVE-2023-37627?
CVE-2023-37627 is classified as critical with a severity score of 9.
What is SQL Injection?
SQL Injection is a technique where an attacker inserts malicious SQL code into a query to manipulate the database or gain unauthorized access.
How can I fix CVE-2023-37627?
To mitigate CVE-2023-37627, it is recommended to sanitize and validate user input before using it in SQL queries and to use prepared statements or parameterized queries.
- collector/nvd-api
- collector/nvd-latest
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/code-projects
- canonical/code-projects online restaurant management system
- version/code-projects online restaurant management system/1.0