Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable "username" parameter in login.php and retrieve sensitive database information, as well as add an administrative user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Online-Food-Ordering-Web-App SQL注入漏洞
Vulnerability Description
Online-Food-Ordering-Web-App是Kaushik Jadhav个人开发者的一个开源的在线食品订购系统网站。 Online-Food-Ordering-Web-App 存在SQL注入漏洞,该漏洞源于Kaushik Jadhav在线订餐Web App 1.0存在一个基于错误和时间的未认证SQL盲注入漏洞。攻击者可利用该漏洞login.php中脆弱的“username”参数检索敏感的数据库信息,并添加管理用户。
CVSS Information
N/A
Vulnerability Type
N/A