SourceCodester Student Study Center Desk Management System Report sql injection
CVE-2023-1468

6.3MEDIUM

Key Information:

Vendor: Sourcecodester
Status: Student Study Center Desk Management System
Vendor: CVE Published:; 17 March 2023

Summary

A vulnerability classified as critical was found in SourceCodester Student Study Center Desk Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=reports&date_from=2023-02-17&date_to=2023-03-17 of the component Report Handler. The manipulation of the argument date_from/date_to leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-223327.

Affected Version(s)

Student Study Center Desk Management System 1.0

References

https://vuldb.com/?id.223327

vdb-entrytechnical-description

https://vuldb.com/?ctiid.223327

signature

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 17, 2023
Vulnerability Reserved
Mar 17, 2023

Credit

WWesleywww (VulDB User)