Code-Projects Online Food Ordering System Sensitive Information Disclosure Vulnerability

Vulnerability

A sensitive information disclosure vulnerability has been identified in Code-Projects Online Food Ordering System version 1.0. The issue arises from an exposed database backup file, 'localhost.sql', which is stored in a publicly accessible directory without proper access restrictions. This file can be accessed remotely, allowing unauthorized users to download the database dump containing sensitive information such as user credentials, administrative accounts, and application data.

Impact

Exploitation gives an unauthenticated remote attacker the full database contents: administrator credentials, user account details, password hashes or plaintext passwords (depending on how the application stores them), order records, food product data, and the database schema. This information can be used to take over user accounts, obtain administrative access to the application, tamper with database records, or stage further attacks, and the schema alone hands the attacker a map of the application's data model.

Reproduction

To reproduce this vulnerability, deploy Online Food Ordering System in PHP version 1.0 and, with the application running, request 'http://localhost/dbfood/localhost.sql' with a browser or curl. No authentication is required: the web server returns the SQL dump, which the browser downloads or renders as text, exposing administrative credentials and user data. Adjust the host and the 'dbfood/' path to match where the application was deployed.
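The check below is an added example and is not code from the original advisory or from the Code-Projects project. It fetches the URL from the reproduction step with curl and decides whether the response looks like a SQL dump by looking for the banners and statements that mysqldump and phpMyAdmin exports contain. The 64 KiB range limit, the 10-second timeout and the marker list are my own choices; the sample dump used by self_check is constructed, not real data.

```shell
#!/bin/sh
# Added example (not the advisory's or the project's code): detect an
# exposed SQL dump at a URL. Markers, byte limit and timeout are assumptions.

# is_sql_dump FILE
# Returns 0 when FILE contains a line that looks like a SQL dump
# (dump tool banner, CREATE TABLE, INSERT INTO or DROP TABLE), 1 otherwise.
is_sql_dump() {
    grep -qiE '^(-- (MySQL dump|phpMyAdmin SQL Dump)|CREATE TABLE|INSERT INTO|DROP TABLE)' "$1"
}

# probe_sql_dump URL
# Fetches the first 64 KiB of URL and reports whether it is a SQL dump.
# Returns 0 when a dump is exposed, 1 otherwise. Needs network access.
probe_sql_dump() {
    url="$1"
    body="$(mktemp)" || return 2
    # --range asks for a partial body so a large dump is not pulled whole;
    # servers that ignore the range header answer 200 with the full file.
    status="$(curl -sS -o "$body" -w '%{http_code}' --max-time 10 \
                   --range 0-65535 "$url" 2>/dev/null)"
    exposed=1
    if { [ "$status" = "200" ] || [ "$status" = "206" ]; } && is_sql_dump "$body"; then
        echo "EXPOSED: $url serves a SQL dump (HTTP $status)"
        exposed=0
    else
        echo "no dump at $url (HTTP ${status:-none})"
    fi
    rm -f "$body"
    return "$exposed"
}

# self_check
# Runs is_sql_dump on a constructed dump fragment and on an HTML error page.
# Returns 0 when the dump is detected and the HTML page is not.
self_check() {
    sample="$(mktemp)" || return 2
    # Constructed sample modelled on a phpMyAdmin export; not real data.
    cat > "$sample" <<'EOF'
-- phpMyAdmin SQL Dump
-- Database: `dbfood`
CREATE TABLE `admin` (
  `id` int(11) NOT NULL,
  `username` varchar(50) NOT NULL,
  `password` varchar(255) NOT NULL
);
INSERT INTO `admin` VALUES (1, 'admin', 'REDACTED_HASH');
EOF
    result=1
    if is_sql_dump "$sample"; then
        printf '<html><body><h1>404 Not Found</h1></body></html>\n' > "$sample"
        is_sql_dump "$sample" || result=0
    fi
    rm -f "$sample"
    return "$result"
}

# Usage: sh check_sql_dump.sh http://localhost/dbfood/localhost.sql
if [ "$#" -ge 1 ]; then
    probe_sql_dump "$1"
fi
```

A 200 with an HTML login or error page is the common false positive when probing for backups, which is why the body is inspected rather than trusting the status code; the same function can be pointed at other likely names (db.sql, backup.sql, dump.sql) once the directory is known to be served.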

Remediation

Remove SQL backup files from the web root and keep them in a location the web server does not serve, such as a directory outside the document root or an internal backup system, with filesystem permissions that limit access to administrators. As defense in depth, configure the web server to refuse requests for .sql and similar backup extensions, so that a dump copied into the web root by mistake is still not downloadable. Because the file has been publicly reachable, treat the credentials it contains as compromised and rotate the administrator and user passwords.
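The script below is an added hardening example, not code from the original advisory or the project. It moves backup-style files out of the web root into a directory the web server does not serve, sets owner-only permissions on them, and appends an Apache 2.4 .htaccess rule (which needs AllowOverride enabled for the directory) denying any backup file left behind. WEB_ROOT, BACKUP_DIR and the list of backup extensions are my own assumptions.

```shell
#!/bin/sh
# Added hardening example (not the advisory's or the project's code).
# WEB_ROOT, BACKUP_DIR and the extension list are assumptions.

WEB_ROOT="${WEB_ROOT:-/var/www/html}"
BACKUP_DIR="${BACKUP_DIR:-/var/backups/dbfood}"   # not under the document root

# find_dumps ROOT
# Prints every file under ROOT whose name looks like a database export or
# other backup artefact (.sql, .sql.gz, .bak, .zip, .tar, .tar.gz).
find_dumps() {
    find "$1" -type f \( -iname '*.sql' -o -iname '*.sql.*' -o -iname '*.bak' \
        -o -iname '*.zip' -o -iname '*.tar' -o -iname '*.tar.*' \)
}

# count_dumps ROOT
# Prints the number of files find_dumps reports under ROOT.
count_dumps() {
    find_dumps "$1" | wc -l | tr -d '[:space:]'
}

# move_dumps ROOT DEST
# Moves each file found by find_dumps out of ROOT into DEST, which is
# created with mode 700; every moved file is set to mode 600. Name clashes
# get a timestamp suffix so nothing already in DEST is overwritten.
move_dumps() {
    root="$1"; dest="$2"
    mkdir -p "$dest" && chmod 700 "$dest" || return 1
    find_dumps "$root" | while IFS= read -r f; do
        target="$dest/$(basename "$f")"
        if [ -e "$target" ]; then
            target="$target.$(date +%Y%m%d%H%M%S)"
        fi
        mv -f "$f" "$target" && chmod 600 "$target"
        echo "moved $f -> $target"
    done
}

# write_deny_rule ROOT
# Appends an Apache 2.4 rule to ROOT/.htaccess that refuses HTTP requests
# for backup-style filenames (defense in depth if a dump reappears).
# The nginx equivalent, inside the server block, would be:
#   location ~* \.(sql|sql\.gz|bak|zip|tar|tar\.gz)$ { return 403; }
write_deny_rule() {
    cat >> "$1/.htaccess" <<'EOF'
# Deny direct download of database exports and other backup artefacts
<FilesMatch "\.(sql|sql\.gz|bak|zip|tar|tar\.gz)$">
    Require all denied
</FilesMatch>
EOF
}

# Usage: WEB_ROOT=/var/www/html BACKUP_DIR=/var/backups/dbfood sh harden.sh --apply
if [ "$1" = "--apply" ]; then
    move_dumps "$WEB_ROOT" "$BACKUP_DIR"
    write_deny_rule "$WEB_ROOT"
    echo "remaining backup files under $WEB_ROOT: $(count_dumps "$WEB_ROOT")"
fi
```

Run it once with --apply, then re-run the exposure check against the original URL to confirm the server now answers 403 or 404 instead of serving the file; the deny rule is a safety net, not a substitute for keeping backups out of the served tree.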

Added: Mar 26, 2026, 10:44 PM
Updated: Mar 26, 2026, 10:44 PM

Vulnerability Rating (Custom Algorithm)

spread          1.0
impact          2.5
exploitability  9.3
remediation     8.3
relevance       4.7
threat          6.4
urgency         2.9
incentive       8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.