SourceCodester Lost and Found Information System manage_user.php sql injection
CVE-2023-3176
8.8HIGH
What is CVE-2023-3176?
A SQL injection vulnerability exists in the SourceCodester Lost and Found Information System, specifically in the file admin/user/manage_user.php. This flaw allows remote attackers to manipulate the 'id' argument, potentially leading to unauthorized access or data manipulation. Exploiting this vulnerability could enable attackers to execute arbitrary SQL queries, compromising the integrity of the database. This issue has been publicly disclosed, emphasizing the importance of immediate remediation for affected installations to ensure security.
Affected Version(s)
Lost and Found Information System 1.0