CVE-2021-38758 Information
Jun 07, 2022
cve
Description
Directory traversal vulnerability in Online Catering Reservation System 1.0 exists due to lack of validation in index.php.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Reference
https://github.com/dumpling-soup/Online-Catering-Reservation-DT/blob/main/README.md https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-38758 https://github.com/nu11secur1ty/CVE-mitre/tree/main/Online-Catering-Reservation-DT-Food-Catering https://attackerkb.com/topics/XuEb81tsid/online-catering-reservation-dt-food-catering-by-oretnom23-v1-0-sql-injection—login https://github.com/nu11secur1ty/CVE-mitre/blob/main/CVE-2021-38758/README.MD
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
NONE
Base Score
NONE
Base Severity
7.5
Share on: