SourceCodester AC Repair and Services System HTTP POST Request sql injection
CVE-2023-3658
9.8CRITICAL
What is CVE-2023-3658?
A SQL injection vulnerability exists in the AC Repair and Services System version 1.0, which is triggered by improper handling of the 'id' argument in the Master.php file. This flaw allows attackers to manipulate HTTP POST requests, potentially leading to unauthorized access to the database. Exploitation of this vulnerability can occur remotely, putting sensitive information at risk. Proper validation and sanitization of input parameters are essential to mitigate this issue.
Affected Version(s)
AC Repair and Services System 1.0