PT-2023-16648 · Sourcecodester · Sourcecodester Sales Tracker Management System

Mroz1L · Published 2023-02-22 · Updated 2024-05-17 · CVE-2023-0964

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

SourceCodester Sales Tracker Management System version 1.0

Description

A critical vulnerability has been found in SourceCodester Sales Tracker Management System. It affects an unknown function in the file admin/products/view product.php, where manipulation of the id argument leads to SQL injection. The attack can be launched remotely, but its complexity is rather high and exploitation is difficult.

Recommendations

For SourceCodester Sales Tracker Management System version 1.0, consider disabling the id argument in the affected file admin/products/view product.php as a temporary workaround until a patch is available. Restrict access to view product.php to minimize the risk of exploitation. Avoid using the id argument in the affected function until the issue is resolved.

Fix

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2023-0964

Affected Products

Sourcecodester Sales Tracker Management System