Unrated severityNVD Advisory· Published Dec 31, 2024· Updated Dec 31, 2024
CodeAstro Online Food Ordering System Update User Page update_users.php sql injection
CVE-2024-13070
Description
A vulnerability was found in CodeAstro Online Food Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/update_users.php of the component Update User Page. The manipulation of the argument user_upd leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 1.0+ 1 more
- (no CPE)range: = 1.0
- (no CPE)range: 1.0
Patches
Vulnerability mechanics
References
5- github.com/shaturo1337/POCs/blob/main/RCE%20via%20SQL%20Injection%20in%20Online%20Food%20Ordering%20System.mdmitreexploit
- vuldb.commitrethird-party-advisory
- codeastro.commitreproduct
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
News mentions
0No linked articles in our index yet.