CVE-2023-1985

Name of the Vulnerable Software and Affected Versions SourceCodester Online Computer and Laptop Store version 1.0

Description A critical issue has been found in the function save brand of the file /classes/Master.php?f=save brand. The manipulation of the argument name leads to sql injection. The attack may be initiated remotely.

Recommendations For version 1.0, consider disabling the save brand function until a patch is available to prevent sql injection attacks. Restrict access to the /classes/Master.php?f=save brand endpoint to minimize the risk of exploitation. Avoid using the name argument in the affected endpoint until the issue is resolved.