Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Very High


Disclosure Date: October 01, 2021 (last updated October 09, 2021)
An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable "username" parameter in login.php and retrieve sensitive database information, as well as add an administrative user.