SourceCodester Student Study Center Desk Management System manage_user.php sql injection
CVE-2023-1407
7.2HIGH
What is CVE-2023-1407?
An SQL injection vulnerability exists in the SourceCodester Student Study Center Desk Management System 1.0. This flaw is located in the /admin/user/manage_user.php file, where improper validation of the 'id' parameter allows an attacker to construct malicious SQL queries. As a result, this vulnerability poses serious risks, enabling unauthorized database access and manipulation. The issue is public knowledge and can be exploited remotely, highlighting the need for urgent remediation. For further technical details, consult VDB-223111.
Affected Version(s)
Student Study Center Desk Management System 1.0