SourceCodester Visitor Management System manage_user.php sql injection
CVE-2023-5918
6.3MEDIUM
What is CVE-2023-5918?
A vulnerability exists in the SourceCodester Visitor Management System 1.0, specifically within the manage_user.php file. This issue arises from improper handling of input in the argument 'id', which allows for SQL injection attacks. Attackers could exploit this vulnerability remotely, potentially leading to unauthorized access to sensitive database information or manipulation of application data.
Affected Version(s)
Visitor Management System 1.0
References
CVSS V3.1
Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
CVSS V3.0
Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
yuhangliu (VulDB User)