PT-2023-28162 · Sourcecodester · Resort Reservation System

Yesec

Publicado

2023-08-06

Atualizado

2024-05-17

CVE-2023-4191

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SourceCodester Resort Reservation System version 1.0

Description A critical issue has been found in the software, affecting some unknown functionality of the file index.php. The manipulation of the page argument leads to file inclusion. The attack can be launched remotely.

Recommendations For version 1.0, consider disabling the page argument in the index.php file until a patch is available to prevent file inclusion attacks. Restrict access to the index.php file to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-73

Identificadores relacionados

CVE-2023-4191

Produtos afetados

Resort Reservation System

PT-2023-28162 · Sourcecodester · Resort Reservation System

CVE-2023-4191

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7