SourceCodester Online Graduate Tracer System search_it.php sql injection
CVE-2023-1309
9.8CRITICAL
What is CVE-2023-1309?
A security flaw exists in the SourceCodester Online Graduate Tracer System 1.0, where improper validation of user input in the admin/search_it.php file allows for SQL injection vulnerabilities. This enables attackers to manipulate input arguments, allowing for unauthorized access to the database and potential exposure of sensitive data. The vulnerability can be exploited remotely, increasing its risk to users. An identifier, VDB-222697, has been assigned to track this issue.
Affected Version(s)
Online Graduate Tracer System 1.0