Vulnerability Monitor


CVE-2024-57328


A SQL Injection vulnerability exists in the login form of Online Food Ordering System v1.0. The vulnerability arises because the input fields username and password are not properly sanitized, allowing attackers to inject malicious SQL queries to bypass authentication and gain unauthorized access.


Published: 2025-01-23T22:15:14.943

Last Modified: 2025-01-29T13:52:36.473

Status: Analyzed

Source: [email protected]

Severity: CVSSv3.1: 9.8 (CRITICAL)

Weaknesses
  • Type: Primary
    CWE-89
  • Type: Secondary
    CWE-89

Affected Vendors & Products
Type | Vendor | Product | Version/Range | Vulnerable?
Application | projectworlds | online_food_ordering_system | 1.0 | Yes

References