SourceCodester AC Repair and Services System HTTP POST Request sql injection
CVE-2023-3678

9.8CRITICAL

Key Information:

Vendor: SourceCodester
Status: AC Repair and Services System
Vendor: CVE Published:; 15 July 2023

🔔 Create SourceCodester Vulnerability Alert

What is CVE-2023-3678?

A SQL injection vulnerability exists in the SourceCodester AC Repair and Services System 1.0, specifically in the HTTP POST Request Handler found at /classes/Master.php?f=delete_inquiry. This vulnerability arises from improper handling of the 'id' parameter, allowing attackers to manipulate SQL queries executed by the application. The exploitation of this vulnerability can enable unauthorized access to the database, potentially leading to data breaches and other malicious activities. The attack can be executed remotely, making it critical for affected users to apply necessary patches and safeguard their systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

AC Repair and Services System 1.0

References

https://vuldb.com/?id.234223

vdb-entrytechnical-description

https://vuldb.com/?ctiid.234223

signature

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 15, 2023
Vulnerability Reserved
Jul 15, 2023

Credit

L2ncE (VulDB User)

JSON

SourceCodester

What is CVE-2023-3678?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.