SourceCodester Automatic Question Paper Generator System GET Parameter view_class.php sql injection
CVE-2023-1592

6.3MEDIUM

Key Information:

Vendor: Sourcecodester
Status: Automatic Question Paper Generator System
Vendor: CVE Published:; 23 March 2023

Summary

A vulnerability classified as critical was found in SourceCodester Automatic Question Paper Generator System 1.0. This vulnerability affects unknown code of the file admin/courses/view_class.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-223660.

Affected Version(s)

Automatic Question Paper Generator System 1.0

References

https://vuldb.com/?id.223660

vdb-entrytechnical-description

https://vuldb.com/?ctiid.223660

signature

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 23, 2023
Vulnerability Reserved
Mar 23, 2023

Credit

WWesleywww (VulDB User)