SQL Injection Vulnerability in SourceCodester Simple Customer Relationship Management System
CVE-2023-24204
5.4MEDIUM
Key Information:
- Vendor
SourceCodester
- Vendor
- CVE Published:
- 14 May 2024
What is CVE-2023-24204?
An SQL injection vulnerability exists in the SourceCodester Simple Customer Relationship Management System version 1.0. This security flaw allows attackers to manipulate SQL queries by injecting arbitrary code through the 'name' parameter in the get-quote.php file. Exploitation of this vulnerability can lead to unauthorized access and execution of harmful SQL statements, potentially compromising sensitive data and system integrity.