PT-2023-19405 · Sourcecodester · Sourcecodester Ac Repair/Services System

Yp1Oneer

Publicado

2023-04-28

Atualizado

2024-05-17

CVE-2023-2411

CVSS v2.0

6.5

Média

Vetor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions SourceCodester AC Repair and Services System version 1.0

Description A critical issue affects the processing of the file /admin/inquiries/view inquiry.php, where the manipulation of the id argument leads to sql injection. The attack can be initiated remotely.

Recommendations For SourceCodester AC Repair and Services System version 1.0, consider disabling access to the /admin/inquiries/view inquiry.php file until a patch is available. Restrict the manipulation of the id argument to minimize the risk of sql injection.

Exploit

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2023-2411

Produtos afetados

Sourcecodester Ac Repair/Services System

PT-2023-19405 · Sourcecodester · Sourcecodester Ac Repair/Services System

CVE-2023-2411

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7