SourceCodester Online Discussion Forum Site view_post.php sql injection
CVE-2023-3152

8.8HIGH

Key Information:

Vendor: SourceCodester
Status: Online Discussion Forum Site
Vendor: CVE Published:; 7 June 2023

Badges

👾 Exploit Exists🟡 Public PoC

Summary

A significant vulnerability exists in the SourceCodester Online Discussion Forum Site 1.0, specifically in the admin/posts/view_post.php file. This vulnerability allows for SQL injection attacks, which can be exploited remotely. Once exploited, attackers can manipulate database queries, potentially leading to unauthorized access or data manipulation. The existence of this vulnerability has been made public, increasing the urgency for users to secure their installations.

Affected Version(s)

Online Discussion Forum Site 1.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-3152 - Proof of Concept