SourceCodester Medicine Tracker System improper authentication
CVE-2023-1464

9.8CRITICAL

Key Information:

Vendor: SourceCodester
Status: Medicine Tracker System
Vendor: CVE Published:; 17 March 2023

Summary

A vulnerability was discovered in the SourceCodester Medicine Tracker System version 1.0, where improper authentication exists in the Users.php?f=save_user file. Attackers can exploit this vulnerability by manipulating arguments such as firstname, middlename, lastname, username, and password, allowing for unauthorized access. This vulnerability can be exploited remotely, making it critical for users to address this security flaw to protect sensitive information.

Affected Version(s)

Medicine Tracker System 1.0

References

https://vuldb.com/?id.223311

vdb-entrytechnical-description

https://vuldb.com/?ctiid.223311

signature

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 17, 2023
Vulnerability Reserved
Mar 17, 2023

Credit

WWesleywww (VulDB User)