SourceCodester Yoga Class Registration System manage_category.php query sql injection
CVE-2023-1366

7.2HIGH

Key Information:

Vendor

SourceCodester
Status
Yoga Class Registration System
Vendor
CVE Published:
13 March 2023

What is CVE-2023-1366?

An SQL injection vulnerability exists in SourceCodester's Yoga Class Registration System 1.0 affecting the manage_category.php file. This vulnerability allows an attacker to manipulate the 'id' parameter in a query, potentially leading to unauthorized access and data manipulation. The issue can be exploited remotely, making it a significant risk for users of this system. Public disclosure of the exploit increases the urgency for prompt mitigation by applying security patches or workarounds.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Yoga Class Registration System 1.0

References

https://vuldb.com/?id.222873
vdb-entrytechnical-description
https://vuldb.com/?ctiid.222873
signaturepermissions-required
https://blog.csdn.net/Dwayne_Wade/article/details/129493110
exploit

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

bit3hh (VulDB User)
JSON
.