CVE-2023-44377

Name of the Vulnerable Software and Affected Versions Online Art Gallery version 1.0

Description The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the add3 parameter of the header.php resource does not validate the characters received, and they are sent unfiltered to the database.

Recommendations For Online Art Gallery version 1.0, as a temporary workaround, consider restricting access to the add3 parameter in the header.php resource until a patch is available. Avoid using the add3 parameter in the affected resource to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.