MartDevelopers-Inc/iResturant

MartDevelopers-Inc/iResturant

Releases0

Stars4

iResturant - A Lightweight Resturant ERP

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-43436 ↗	Jan 12, 2022Wednesday, 12 January 2022, 17:15	5.4 MEDIUM	3.5 LOW
MartDevelopers Inc iResturant v1.0 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed.
CVE-2021-43438 ↗	Dec 20, 2021Monday, 20 December 2021, 20:15	5.4 MEDIUM	3.5 LOW
Stored XSS in Signup Form in iResturant 1.0 Allows Remote Attacker to Inject Arbitrary code via NAME and ADDRESS field
CVE-2021-43439 ↗	Dec 20, 2021Monday, 20 December 2021, 20:15	9.8 CRITICAL	10 HIGH
RCE in Add Review Function in iResturant 1.0 Allows remote attacker to execute commands remotely