CVE-2023-50752

Name of the Vulnerable Software and Affected Versions Online Notice Board System version 1.0

Description The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the e parameter of the "login.php" resource does not validate the characters received, and they are sent unfiltered to the database.

Recommendations For Online Notice Board System version 1.0, as a temporary workaround, consider validating and filtering the e parameter in the "login.php" resource to prevent SQL injection attacks. Restrict access to the "login.php" resource until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.