A vulnerability classified as critical has been found in SourceCodester Computer Parts Sales and Inventory System 1.0. This affects an unknown part of the file cust_transac.php. The manipulation of the argument phonenumber leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222849 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/chenxing0903/CveHub/blob/main/Computer-Parts-Sales-And-Inventory-System-Sql-Vulnerability.pdf | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.222849 | Third Party Advisory VDB Entry |
https://vuldb.com/?id.222849 | Permissions Required Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: VulDB
Published: 2023-03-11T11:31:03.179Z
Updated: 2023-10-21T08:11:03.505Z
Reserved: 2023-03-11T11:18:42.959Z
Link: CVE-2023-1351
JSON object: View
NVD Information
Status : Modified
Published: 2023-03-11T12:15:16.253
Modified: 2024-05-17T02:18:00.250
Link: CVE-2023-1351
JSON object: View
Redhat Information
No data.
CWE