PT-2023-32772 · Unknown · Codeastro Pos/Inventory Management System

Kerkroups · Published 2023-12-13 · Updated 2024-05-17 · CVE-2023-6773

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

CodeAstro POS and Inventory Management System version 1.0

Description

An improper access control vulnerability has been found in the system. It is triggered by manipulating the account type argument with the input Admin in unknown functionality of the file /accounts con/register account, part of the User Creation Handler component. The issue can be exploited remotely.

Recommendations

For CodeAstro POS and Inventory Management System version 1.0, as a temporary workaround, consider restricting access to the /accounts con/register account file to minimize the risk of exploitation. Avoid using the account type argument with the input Admin in the affected component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
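
The weakness class described above, shown as an added Python sketch that is not CodeAstro's code: a user-creation handler that trusts the submitted account type, beside one that authorizes the requested type against the caller's server-side session. All names (`Session`, `register_account_weak`, `register_account_checked`, the `Cashier` role, the form keys) are hypothetical, and letting non-admins create unprivileged accounts is an assumption.

```python
# Added illustration; every name here is hypothetical, not the product's code.
from dataclasses import dataclass

ROLES = {"Admin", "Cashier"}   # assumed role set; the advisory names only "Admin"
PRIVILEGED = {"Admin"}


@dataclass(frozen=True)
class Session:
    """Server-side view of the logged-in caller."""
    username: str
    role: str


class Forbidden(Exception):
    """The caller may not grant the requested account type."""


def register_account_weak(session, form, users):
    # Flaw class from the advisory: the account type comes straight from the
    # request, so the caller's own privilege is never consulted.
    users[form["username"]] = form["account_type"]
    return users[form["username"]]


def register_account_checked(session, form, users, audit):
    requested = form.get("account_type", "")
    if requested not in ROLES:
        raise ValueError("unknown account type")
    # Authorization uses the session role, never a value the client sent.
    if requested in PRIVILEGED and session.role not in PRIVILEGED:
        audit.append((session.username, form.get("username"), requested, "denied"))
        raise Forbidden("caller may not create privileged accounts")
    users[form["username"]] = requested
    audit.append((session.username, form["username"], requested, "created"))
    return requested
```

The `denied` audit entries give responders a record of attempted privileged account creation by non-admin sessions.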

Exploit

Improper Access Control

Weakness Enumeration

Related Identifiers

CVE-2023-6773

Affected Products

Codeastro Pos/Inventory Management System