PT-2023-18868 · Unknown · Art Gallery Management System Project

Rahul Patwari

Publicado

2023-02-10

Atualizado

2023-12-20

CVE-2023-23162

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Art Gallery Management System Project version 1.0

Description A SQL injection issue was found in the product.php file, specifically via the cid parameter.

Recommendations For version 1.0, avoid using the cid parameter in the product.php file until the issue is resolved. As a temporary workaround, consider restricting access to the product.php file to minimize the risk of exploitation.

Exploit

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2023-23162

Produtos afetados

Art Gallery Management System Project

PT-2023-18868 · Unknown · Art Gallery Management System Project

CVE-2023-23162

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7