SourceCodester Simple Membership System account_edit_query.php sql injection
CVE-2023-4845
9.8CRITICAL
What is CVE-2023-4845?
A SQL injection vulnerability exists in the SourceCodester Simple Membership System version 1.0, specifically within the account_edit_query.php file. The flaw arises from improper handling of the admin_id argument, allowing attackers to execute arbitrary SQL queries on the database remotely. This vulnerability has been publicly disclosed, raising concerns for the security of systems utilizing this software. Admins of affected installations are advised to implement patches or workarounds to mitigate potential exploits effectively.
Affected Version(s)
Simple Membership System 1.0