SourceCodester Student Study Center Desk Management System view_student sql injection
CVE-2023-1466

6.3MEDIUM

Key Information:

Vendor

Sourcecodester
Status
Student Study Center Desk Management System
Vendor
CVE Published:
17 March 2023

What is CVE-2023-1466?

A vulnerability exists in the Student Study Center Desk Management System that allows for SQL injection through the 'view_student' function. By manipulating the 'id' argument, an attacker can input malicious SQL code, potentially leading to unauthorized data access or manipulation. This vulnerability can be exploited remotely, posing a significant risk to the integrity of the system. It is crucial for users to patch their installations to mitigate this security issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Student Study Center Desk Management System 1.0

References

https://vuldb.com/?id.223325
vdb-entrytechnical-description
https://vuldb.com/?ctiid.223325
signature

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

CVSS V3.0

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

WWesleywww (VulDB User)
JSON
.