PT-2023-24397 · Sourcecodester · Sourcecodester Enrollment System Project

Sudovivek +1 · Published 2023-06-21 · Updated 2024-08-01 · CVE-2023-33584

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Sourcecodester Enrollment System Project version V1.0

Description

The issue concerns SQL Injection (SQLI) attacks, which allow an attacker to manipulate the SQL queries executed by the application. This is due to the application's failure to properly validate user-supplied input in the username and password fields during the login process, enabling an attacker to inject malicious SQL code.

Recommendations

For Sourcecodester Enrollment System Project version V1.0, consider implementing proper input validation and sanitization for the username and password fields to prevent SQL injection attacks. As a temporary workaround, restrict access to the login functionality until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
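
The login flaw described above, as an added example that is not code from the Enrollment System Project or from this advisory: a login check that builds its SQL from the username and password fields, beside the same check using a bound parameter. The `users` table, the function names and the sample credentials are constructed for illustration, and SQLite stands in for whatever database the application uses.

```python
import hashlib
import hmac
import sqlite3

SALT = b"constructed-demo-salt"  # constructed; real systems use a random per-user salt


def pw_hash(password: str) -> str:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000).hex()


def make_db() -> sqlite3.Connection:
    # Hypothetical schema; the advisory does not show the application's tables.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)")
    db.execute("INSERT INTO users VALUES (?, ?)",
               ("registrar", pw_hash("S3cure-constructed")))
    return db


def login_string_built(db: sqlite3.Connection, username: str, password: str) -> bool:
    # Flawed pattern: the username field becomes part of the SQL text itself,
    # so quote and comment characters in it change the query's structure.
    sql = ("SELECT 1 FROM users WHERE username = '" + username +
           "' AND pw_hash = '" + pw_hash(password) + "'")
    return db.execute(sql).fetchone() is not None


def login_parameterized(db: sqlite3.Connection, username: str, password: str) -> bool:
    # Bound parameter: the value travels separately from the SQL text and is
    # only ever compared as data, whatever characters it contains.
    row = db.execute("SELECT pw_hash FROM users WHERE username = ?",
                     (username,)).fetchone()
    if row is None:
        return False
    return hmac.compare_digest(row[0], pw_hash(password))


def compare(username: str, password: str) -> tuple:
    """Return (string-built result, parameterized result) for one login attempt."""
    db = make_db()
    return (login_string_built(db, username, password),
            login_parameterized(db, username, password))
```

Both functions agree on ordinary input; they diverge only when the username field carries SQL syntax, which the bound-parameter version treats as a literal, non-matching name.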

Exploit

SQL injection


Weakness Enumeration

Related Identifiers

CVE-2023-33584

Affected Products

Sourcecodester Enrollment System Project