Unauthenticated SQL Injection and Remote Command Execution Vulnerability in Sourcecodester Information System's Version 1.0
CVE-2023-33676

Currently unrated

Key Information:

Vendor
Sourcecodester
Status
Lost And Found Information System
Vendor
CVE Published:
7 March 2024

Summary

Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=*" which can be escalated to the remote command execution.

References

https://github.com/ASR511-OO7/CVE-2023-33676/blob/main/CV...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2023-33676 : Unauthenticated SQL Injection and Remote Command Execution Vulnerability in Sourcecodester Information System's Version 1.0 | SecurityVulnerability.io