SourceCodester Canteen Management System removeUser.php sql injection
CVE-2023-0679
8.1 HIGH
What is CVE-2023-0679?
SourceCodester's Canteen Management System version 1.0 contains a significant SQL injection vulnerability. The flaw arises from improper handling of user input in the removeUser.php file: manipulating the 'id' argument permits remote attackers to execute arbitrary SQL queries, leading to potential database compromise. While exploiting this vulnerability requires advanced skills, its public disclosure makes it a notable concern for system administrators and security professionals.
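A hardened handler for an `id` argument of the kind described above, as an added example that is not SourceCodester's code. The table, column and function names are hypothetical, and an in-memory SQLite database with constructed rows stands in for the application's database.

```php
<?php
declare(strict_types=1);

// Hypothetical names throughout: table `users`, column `id`, both functions.

/** Accept only a positive integer id; arrays and SQL fragments yield null. */
function parse_user_id(mixed $raw): ?int
{
    if (!is_string($raw)) {
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Delete one row using a bound parameter, so the id is never parsed as SQL. */
function remove_user(PDO $db, int $id): int
{
    $stmt = $db->prepare('DELETE FROM users WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Constructed demo data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (id, name) VALUES (1, 'alice'), (2, 'bob'), (3, 'carol')");

// Constructed request values standing in for the 'id' argument.
foreach (['2', '1 OR 1=1', ['3'], '-1'] as $raw) {
    $id = parse_user_id($raw);
    if ($id === null) {
        // In a real handler this branch would return HTTP 400 and log the request.
        echo "rejected: " . json_encode($raw) . "\n";
        continue;
    }
    echo "id $id: deleted " . remove_user($db, $id) . " row(s)\n";
}
echo "rows left: " . $db->query('SELECT COUNT(*) FROM users')->fetchColumn() . "\n";
```

Validation and parameter binding are independent layers: the bound parameter alone keeps the value out of the SQL text, while the integer check rejects malformed requests early enough to log them.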
Affected Version(s)
Canteen Management System 1.0