SourceCodester Online Discussion Forum Site manage_user.php sql injection
CVE-2023-3151
8.8HIGH
Summary
A vulnerability in the SourceCodester Online Discussion Forum Site version 1.0 allows for SQL injection through manipulation of the 'id' argument in the user/manage_user.php file. This security flaw can be exploited remotely and poses significant risks as it may lead to unauthorized database access. The exploit has been publicly disclosed, increasing its potential for exploitation.
Affected Version(s)
Online Discussion Forum Site 1.0
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
peanut886886 (VulDB User)