SourceCodester Young Entrepreneur E-Negosyo System passwordrecover.php sql injection
CVE-2023-1735
6.3MEDIUM
What is CVE-2023-1735?
A vulnerability has been identified in SourceCodester's Young Entrepreneur E-Negosyo System 1.0 due to improper input validation in the passwordrecover.php file. An attacker can exploit this weakness by manipulating the phonenumber parameter, potentially leading to unauthorized access to the database. This vulnerability allows remote attackers to execute arbitrary SQL queries, which could compromise sensitive information stored in the database.
Affected Version(s)
Young Entrepreneur E-Negosyo System 1.0