Restaurant Management System
by Restaurant Management System
CVEs (17)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-60783 | 0.00 | — | 0.00 | Oct 20, 2025 | There is a SQL injection vulnerability in Restaurant Management System DBMS Project v1.0 via login.php. The vulnerability allows attackers to manipulate the application's database through specially crafted SQL query strings. | |||
| CVE-2025-4884 | 0.00 | — | 0.00 | May 18, 2025 | A vulnerability was found in itsourcecode Restaurant Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/assign_save.php. The manipulation of the argument team leads to sql injection. The attack may be initiated… | |||
| CVE-2025-4882 | 0.00 | — | 0.00 | May 18, 2025 | A vulnerability was found in itsourcecode Restaurant Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/team_update.php. The manipulation of the argument team leads to sql injection. It is possible to initiate the attack… | |||
| CVE-2025-4881 | 0.00 | — | 0.00 | May 18, 2025 | A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/user_save.php. The manipulation of the argument username/name leads to sql injection. The attack may be… | |||
| CVE-2025-4870 | 0.00 | — | 0.00 | May 18, 2025 | A vulnerability classified as critical was found in itsourcecode Restaurant Management System 1.0. This vulnerability affects unknown code of the file /admin/menu_save.php. The manipulation of the argument menu leads to sql injection. The attack can be initiated remotely. The… | |||
| CVE-2025-4869 | 0.00 | — | 0.00 | May 18, 2025 | A vulnerability classified as critical has been found in itsourcecode Restaurant Management System 1.0. This affects an unknown part of the file /admin/member_update.php. The manipulation of the argument menu leads to sql injection. It is possible to initiate the attack… | |||
| CVE-2025-4865 | 0.00 | — | 0.00 | May 18, 2025 | A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/member_save.php. The manipulation of the argument last leads to sql injection. The attack may be initiated… | |||
| CVE-2025-4864 | 0.00 | — | 0.00 | May 18, 2025 | A vulnerability has been found in itsourcecode Restaurant Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/finished.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely.… | |||
| CVE-2025-4193 | 0.00 | — | 0.00 | May 2, 2025 | A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/category_update.php. The manipulation of the argument Category leads to sql injection. The attack may be… | |||
| CVE-2025-4192 | 0.00 | — | 0.00 | May 2, 2025 | A vulnerability was found in itsourcecode Restaurant Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/category_save.php. The manipulation of the argument Category leads to sql injection. It is possible to initiate the… | |||
| CVE-2023-48722 | 0.00 | — | 0.01 | Dec 21, 2023 | Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the add_results.php resource does not validate the characters received and they are sent unfiltered to the database. | |||
| CVE-2022-43086 | 0.00 | — | 0.01 | Nov 1, 2022 | Restaurant POS System v1.0 was discovered to contain a SQL injection vulnerability via update_customer.php. | |||
| CVE-2019-18415 | 0.00 | — | 0.01 | Oct 24, 2019 | Sourcecodester Restaurant Management System 1.0 allows XSS via the "send a message" screen. | |||
| CVE-2019-18417 | 0.00 | — | 0.02 | Oct 24, 2019 | Sourcecodester Restaurant Management System 1.0 allows an authenticated attacker to upload arbitrary files that can result in code execution. The issue occurs because the application fails to adequately sanitize user-supplied input, e.g., "add a new food" allows .php files. | |||
| CVE-2019-18416 | 0.00 | — | 0.01 | Oct 24, 2019 | Sourcecodester Restaurant Management System 1.0 allows XSS via the Last Name field of a member. | |||
| CVE-2019-18414 | 0.00 | — | 0.00 | Oct 24, 2019 | Sourcecodester Restaurant Management System 1.0 is affected by an admin/staff-exec.php Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code or adding a staff entry via a… | |||
| CVE-2007-5160 | 0.00 | — | 0.01 | Oct 1, 2007 | Multiple PHP remote file inclusion vulnerabilities in Thierry Leriche Restaurant Management System (ReMaSys) 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the DIR_ROOT parameter to (a) global.php, or the (2) DIR_PAGE parameter to (b)… |
- CVE-2025-60783Oct 20, 2025risk 0.00cvss —epss 0.00
There is a SQL injection vulnerability in Restaurant Management System DBMS Project v1.0 via login.php. The vulnerability allows attackers to manipulate the application's database through specially crafted SQL query strings.
- CVE-2025-4884May 18, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in itsourcecode Restaurant Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/assign_save.php. The manipulation of the argument team leads to sql injection. The attack may be initiated…
- CVE-2025-4882May 18, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in itsourcecode Restaurant Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/team_update.php. The manipulation of the argument team leads to sql injection. It is possible to initiate the attack…
- CVE-2025-4881May 18, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/user_save.php. The manipulation of the argument username/name leads to sql injection. The attack may be…
- CVE-2025-4870May 18, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical was found in itsourcecode Restaurant Management System 1.0. This vulnerability affects unknown code of the file /admin/menu_save.php. The manipulation of the argument menu leads to sql injection. The attack can be initiated remotely. The…
- CVE-2025-4869May 18, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in itsourcecode Restaurant Management System 1.0. This affects an unknown part of the file /admin/member_update.php. The manipulation of the argument menu leads to sql injection. It is possible to initiate the attack…
- CVE-2025-4865May 18, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/member_save.php. The manipulation of the argument last leads to sql injection. The attack may be initiated…
- CVE-2025-4864May 18, 2025risk 0.00cvss —epss 0.00
A vulnerability has been found in itsourcecode Restaurant Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/finished.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely.…
- CVE-2025-4193May 2, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/category_update.php. The manipulation of the argument Category leads to sql injection. The attack may be…
- CVE-2025-4192May 2, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in itsourcecode Restaurant Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/category_save.php. The manipulation of the argument Category leads to sql injection. It is possible to initiate the…
- CVE-2023-48722Dec 21, 2023risk 0.00cvss —epss 0.01
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the add_results.php resource does not validate the characters received and they are sent unfiltered to the database.
- CVE-2022-43086Nov 1, 2022risk 0.00cvss —epss 0.01
Restaurant POS System v1.0 was discovered to contain a SQL injection vulnerability via update_customer.php.
- CVE-2019-18415Oct 24, 2019risk 0.00cvss —epss 0.01
Sourcecodester Restaurant Management System 1.0 allows XSS via the "send a message" screen.
- CVE-2019-18417Oct 24, 2019risk 0.00cvss —epss 0.02
Sourcecodester Restaurant Management System 1.0 allows an authenticated attacker to upload arbitrary files that can result in code execution. The issue occurs because the application fails to adequately sanitize user-supplied input, e.g., "add a new food" allows .php files.
- CVE-2019-18416Oct 24, 2019risk 0.00cvss —epss 0.01
Sourcecodester Restaurant Management System 1.0 allows XSS via the Last Name field of a member.
- CVE-2019-18414Oct 24, 2019risk 0.00cvss —epss 0.00
Sourcecodester Restaurant Management System 1.0 is affected by an admin/staff-exec.php Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code or adding a staff entry via a…
- CVE-2007-5160Oct 1, 2007risk 0.00cvss —epss 0.01
Multiple PHP remote file inclusion vulnerabilities in Thierry Leriche Restaurant Management System (ReMaSys) 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the DIR_ROOT parameter to (a) global.php, or the (2) DIR_PAGE parameter to (b)…