CVE-2026-13498 – yashpokharna2555 restaurent-management-system POST Parameter forgotpassword.php sql injection

CVE ID :CVE-2026-13498

Published : June 28, 2026, 1 p.m. | 45 minutes ago

Description :A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an unknown function of the file /forgotpassword.php of the component POST Parameter Handler. Such manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The project was informed of the problem early through an issue report but has not responded yet.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

آسیب‌پذیری‌های جدید و وصله‌های امنیتی به‌صورت مداوم منتشر می‌شوند و عدم بروزرسانی به‌موقع می‌تواند امنیت سرویس‌های حیاتی را به خطر بیندازد. خدمات مدیریت و پشتیبانی سرور آفاق هاستینگ شامل پایش امنیتی، بروزرسانی نرم‌افزارها، نصب Patchهای امنیتی و سخت‌سازی سرورها است.

خدمات مدیریت و امنیت سرور

نوشته های مشابه

CVE-2026-13497 – itsourcecode Hospital Management System appointment.php sql injection

CVE-2026-13496 – itsourcecode Hospital Management System ajaxmedicine.php sql injection

CVE-2026-13495 – itsourcecode Hospital Management System adminprofile.php sql injection

CVE-2026-13493 – AIDC-AI ComfyUI-Copilot Workflow Checkpoint Restore conversation_api.py resource injection