CVE-2024-57328: SQL Injection
First published: Thu Jan 23 2025(Updated: )
A SQL Injection vulnerability exists in the login form of Online Food Ordering System v1.0. The vulnerability arises because the input fields username and password are not properly sanitized, allowing attackers to inject malicious SQL queries to bypass authentication and gain unauthorized access.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Online Food Ordering System | ||
| Food Ordering System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-57328?
CVE-2024-57328 has a high severity rating due to its potential to allow unauthorized access to the system.
How do I fix CVE-2024-57328?
To fix CVE-2024-57328, ensure that all input fields, specifically username and password, are properly sanitized and validated to prevent SQL injection.
What systems are affected by CVE-2024-57328?
CVE-2024-57328 affects Online Food Ordering System version 1.0.
Can CVE-2024-57328 be exploited remotely?
Yes, CVE-2024-57328 can be exploited remotely by attackers through the vulnerable login form.
What type of vulnerability is CVE-2024-57328?
CVE-2024-57328 is a SQL Injection vulnerability.
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/author
- agent/source
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/event
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- vendor/online food ordering system
- canonical/online food ordering system
- vendor/projectworlds
- canonical/food ordering system
- version/food ordering system/1.0