CVE-2023-7137

Name of the Vulnerable Software and Affected Versions code-projects Client Details System version 1.0

Description A critical issue has been found in the component HTTP POST Request Handler, where the manipulation of the uemail argument leads to sql injection. The exploit has been disclosed to the public and may be used.

Recommendations For code-projects Client Details System version 1.0, consider disabling the HTTP POST Request Handler or restricting access to it until a patch is available. Avoid using the uemail argument in the affected HTTP POST request handler to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.