SourceCodester Shopping Website forgot-password.php sql injection
CVE-2023-3458
9.8CRITICAL
What is CVE-2023-3458?
A security flaw exists in the SourceCodester Shopping Website version 1.0, specifically within the forgot-password.php file. This vulnerability enables attackers to manipulate the contact argument, leading to SQL injection. The exploit can be executed remotely, allowing unauthorized access to the database and could potentially compromise sensitive user information. The vulnerability has been publicly disclosed, making it critical for users to secure their systems against this threat.
Affected Version(s)
Shopping Website 1.0