SourceCodester Alphaware Simple E-Commerce System sql injection
CVE-2023-1504
8.1HIGH
What is CVE-2023-1504?
A vulnerability exists in SourceCodester's Alphaware Simple E-Commerce System 1.0, allowing for SQL injection through the manipulation of email/password input fields. An attacker could exploit this vulnerability remotely, executing arbitrary SQL commands that could compromise user data or application integrity. The complexity required for attack execution is relatively high, indicating that successful exploitation may necessitate advanced technical skills. The vulnerability has already been publicly disclosed, making it imperative for users to assess their systems and implement necessary security measures.
Affected Version(s)
Alphaware Simple E-Commerce System 1.0