SourceCodester Earnings and Expense Tracker App manage_user.php sql injection
CVE-2023-1785

9.8CRITICAL

Key Information:

Vendor: SourceCodester
Status: Earnings and Expense Tracker App
Vendor: CVE Published:; 31 March 2023

🔔 Create SourceCodester Vulnerability Alert

What is CVE-2023-1785?

A vulnerability exists in the Earnings and Expense Tracker App by SourceCodester, specifically within the manage_user.php file. This issue arises from improper handling of the 'id' argument, which makes the application susceptible to SQL injection attacks. Attackers can exploit this vulnerability remotely, potentially allowing them to manipulate the database and access sensitive information. It's crucial for users of version 1.0 to apply security measures or patches to mitigate the risk associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Earnings and Expense Tracker App 1.0

References

https://vuldb.com/?id.224700

vdb-entrytechnical-description

https://vuldb.com/?ctiid.224700

signaturepermissions-required

https://github.com/web-zxl/img/blob/main/4.png

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 31, 2023
Vulnerability Reserved
Mar 31, 2023

Credit

aallll (VulDB User)

JSON

SourceCodester

What is CVE-2023-1785?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.