SourceCodester Lost and Found Information System index.php sql injection
CVE-2023-2653
9.8CRITICAL
What is CVE-2023-2653?
An SQL injection vulnerability has been identified in the SourceCodester Lost and Found Information System version 1.0, specifically affecting the items/index.php file. By manipulating the 'cid' argument, remote attackers can exploit this vulnerability to execute arbitrary SQL code, potentially compromising the underlying database. As the exploit has been publicly disclosed, it poses a significant risk to users of the affected software.
Affected Version(s)
Lost and Found Information System 1.0