PT-2023-30466 · Unknown · Sourcecodester Inventory Management System

Gikaku

Publicado

2023-09-04

Atualizado

2024-05-17

CVE-2023-4749

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SourceCodester Inventory Management System version 1.0

Description A critical issue was found in the system, affecting an unknown function of the file index.php. The manipulation of the page argument leads to file inclusion. This issue can be exploited remotely.

Recommendations For SourceCodester Inventory Management System version 1.0, consider restricting access to the index.php file to minimize the risk of exploitation. Avoid using the page argument in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-73

Identificadores relacionados

CVE-2023-4749

Produtos afetados

Sourcecodester Inventory Management System

PT-2023-30466 · Unknown · Sourcecodester Inventory Management System

CVE-2023-4749

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5