CVE-2023-1037

Name of the Vulnerable Software and Affected Versions SourceCodester Dental Clinic Appointment Reservation System version 1.0

Description A critical issue affects the processing of the file /APR/login.php, specifically the POST Parameter Handler component. The manipulation of the username argument leads to SQL injection. This issue can be exploited remotely.

Recommendations For SourceCodester Dental Clinic Appointment Reservation System version 1.0, consider restricting access to the /APR/login.php file until a fix is available, and avoid using the username argument in the affected POST parameter handler to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.