Vulnerability Description
Directory traversal vulnerability in Online Catering Reservation System 1.0 exists due to lack of validation in index.php.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Online Catering Reservation System Project | Online Catering Reservation System | 1.0 |
Related Weaknesses (CWE)
References
- https://attackerkb.com/topics/XuEb81tsid/online-catering-reservation-dt-food-catThird Party Advisory
- https://github.com/dumpling-soup/Online-Catering-Reservation-DT/blob/main/READMEExploitThird Party Advisory
- https://github.com/nu11secur1ty/CVE-mitre/blob/main/CVE-2021-38758/README.MDBroken Link
- https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-38758Broken Link
- https://github.com/nu11secur1ty/CVE-mitre/tree/main/Online-Catering-Reservation-ExploitThird Party Advisory
- https://attackerkb.com/topics/XuEb81tsid/online-catering-reservation-dt-food-catThird Party Advisory
- https://github.com/dumpling-soup/Online-Catering-Reservation-DT/blob/main/READMEExploitThird Party Advisory
- https://github.com/nu11secur1ty/CVE-mitre/blob/main/CVE-2021-38758/README.MDBroken Link
- https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-38758Broken Link
- https://github.com/nu11secur1ty/CVE-mitre/tree/main/Online-Catering-Reservation-ExploitThird Party Advisory
FAQ
What is CVE-2021-38758?
CVE-2021-38758 is a vulnerability with a CVSS score of 7.5 (HIGH). Directory traversal vulnerability in Online Catering Reservation System 1.0 exists due to lack of validation in index.php.
How severe is CVE-2021-38758?
CVE-2021-38758 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-38758?
Check the references section above for vendor advisories and patch information. Affected products include: Online Catering Reservation System Project Online Catering Reservation System.