CVE-2024-9360: code-projects Restaurant Reservation System updatebal.php sql injection
First published: Tue Oct 01 2024(Updated: )
A vulnerability was found in code-projects Restaurant Reservation System 1.0. It has been classified as critical. This affects an unknown part of the file /updatebal.php. The manipulation of the argument company leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| code-projects Restaurant Reservation System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-9360?
CVE-2024-9360 has been classified as critical.
What part of the application is affected by CVE-2024-9360?
CVE-2024-9360 affects the file /updatebal.php in the Restaurant Reservation System 1.0.
What type of vulnerability is associated with CVE-2024-9360?
CVE-2024-9360 is associated with SQL injection due to manipulation of the argument 'company'.
Can the CVE-2024-9360 vulnerability be exploited remotely?
Yes, CVE-2024-9360 can be exploited remotely.
How do I fix CVE-2024-9360?
To fix CVE-2024-9360, ensure that user input is properly sanitized and validated before being processed in database queries.
- agent/weakness
- agent/references
- agent/title
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/severity
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/trending
- agent/tags
- agent/epss
- collector/epss-latest
- source/FIRST
- agent/source
- vendor/code-projects
- canonical/code-projects restaurant reservation system
- version/code-projects restaurant reservation system/1.0