SourceCodester Task Reminder System sql injection
CVE-2023-5814

8.8HIGH

Key Information:

Vendor: SourceCodester
Status: Task Reminder System
Vendor: CVE Published:; 27 October 2023

Summary

A vulnerability exists in the SourceCodester Task Reminder System 1.0 within the /classes/Master.php?f=save_reminder file. The issue arises from improper handling of the 'id' parameter, allowing attackers to execute SQL injection attacks remotely. This security flaw can be exploited without requiring physical access to the system, making it a significant concern for users and administrators of the software.

Affected Version(s)

Task Reminder System 1.0

References

https://vuldb.com/?id.243645

vdb-entrytechnical-description

https://vuldb.com/?ctiid.243645

signaturepermissions-required

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 27, 2023
Vulnerability Reserved
Oct 26, 2023

Credit

fushuling (VulDB User)