SourceCodester Online Graduate Tracer System admin_cs.php mysqli_query sql injection
CVE-2023-1293
8.1HIGH
What is CVE-2023-1293?
A vulnerability exists in the SourceCodester Online Graduate Tracer System version 1.0 that allows attackers to execute unauthorized SQL commands through the admin_cs.php file's mysqli_query function. This SQL injection can be exploited remotely, permitting potential manipulation of the database without proper authentication. The complexity associated with exploiting this vulnerability is high, but it has been publicly disclosed, increasing the risk of attack. Users of this system should take immediate action to mitigate exposure.
Affected Version(s)
Online Graduate Tracer System 1.0