CVE-2023-4845

Name of the Vulnerable Software and Affected Versions SourceCodester Simple Membership System version 1.0

Description A critical vulnerability was found in the SourceCodester Simple Membership System. The issue affects the file account edit query.php, where the manipulation of the admin id argument leads to SQL injection. The attack can be initiated remotely.

Recommendations For SourceCodester Simple Membership System version 1.0, consider disabling the admin id argument in the account edit query.php file as a temporary workaround until a patch is available. Restrict access to the account edit query.php file to minimize the risk of exploitation. Avoid using the admin id argument in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.