A vulnerability was found in yashpokharna2555 restaurent-management-system . It has been declared as critical . This affects an unknown function of the file /forgotpassword.php of the component POST Parameter Handler . Such manipulation of the argument email leads to sql injection. This vulnerability is uniquely identified as CVE-2026-13498 . The attack can be launched remotely. Moreover, an exploit is present. This product does not use versioning. This is why information about affected and unaf