CVE-2023-2451

Name of the Vulnerable Software and Affected Versions SourceCodester Online DJ Management System version 1.0

Description A critical issue affects the processing of the file /admin/bookings/view details.php, specifically the GET Parameter Handler component. The manipulation of the id argument leads to sql injection. This issue can be initiated remotely.

Recommendations For SourceCodester Online DJ Management System version 1.0, consider disabling the id argument in the /admin/bookings/view details.php file as a temporary workaround until a patch is available. Restrict access to the GET Parameter Handler component to minimize the risk of exploitation. Avoid using the id argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.