NextGuard
UNKNOWNCVE-2018-25185

Wecodex Restaurant CMS 1.0 SQL Injection via Login

Platform

php

Component

wecodex-restaurant-cms

View on NVD

Wecodex Restaurant CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the username parameter. Attackers can send POST requests to the login endpoint with malicious SQL payloads using boolean-based blind or time-based blind techniques to extract sensitive database information.

How to fix

Actualice a una versión parcheada o aplique las medidas de seguridad necesarias para evitar la inyección SQL. Considere migrar a un sistema de gestión de contenido más seguro y actualizado.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free
CVE-2018-25185 — Vulnerability Details | NextGuard | NextGuard