SourceCodester Automatic Question Paper Generator System GET Parameter view_course.php sql injection
CVE-2023-1441

9.8CRITICAL

Key Information:

Vendor: SourceCodester
Status: Automatic Question Paper Generator System
Vendor: CVE Published:; 17 March 2023

🔔 Create SourceCodester Vulnerability Alert

What is CVE-2023-1441?

A vulnerability has been identified in the SourceCodester Automatic Question Paper Generator System version 1.0. This flaw arises from the improper handling of the 'id' parameter in the file admin/courses/view_course.php. An attacker can exploit this weakness remotely by manipulating the GET request, allowing for unauthorized database access and potentially compromising sensitive information. Publicly disclosed, this vulnerability poses a significant risk, making it essential for users to apply necessary security measures.