N/A

The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter which allows unauthenticated SQL Injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?table_id= to trigger the vulnerability.

N/A

N/A

SourceCodester Multi Restaurant Table Reservation System SQL注入漏洞

SourceCodester Multi Restaurant Table Reservation System是USSourceCodester公司的一个多餐厅餐桌预订系统。 Multi Restaurant Table Reservation System 1.0 版本存在SQL注入漏洞，该漏洞源于/dashboard/view-chair-list.php?table_id=没有执行输入验证，攻击者可利用该漏洞可以在GET请求中向发送恶意输入。

N/A

N/A