CVE-2023-43737

Name of the Vulnerable Software and Affected Versions Online Art Gallery version 1.0

Description The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the fnm parameter of the header.php resource does not validate the characters received, and they are sent unfiltered to the database.

Recommendations For Online Art Gallery version 1.0, consider restricting access to the header.php resource to minimize the risk of exploitation. As a temporary workaround, avoid using the fnm parameter in the affected resource until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.