CVE-2026-13498 | yashpokharna2555 restaurent-management-system POST Parameter /forgotpassword.php email sql injection
A vulnerability was found in yashpokharna2555 restaurent-management-system. It has been declared as critical. This affects an unknown function of the file /forgotpassword.php of the component POST Parameter Handler. Such manipulation of the argument email leads to sql injection.
This vulnerability is uniquely identified as CVE-2026-13498. The attack can be launched remotely. Moreover, an exploit is present.
This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More