code-projects Intern Membership Management System User Registration sql injection
CVE-2023-7131
9.8CRITICAL
What is CVE-2023-7131?
A vulnerability was detected in the Intern Membership Management System version 2.0, specifically within the User Registration component. This flaw allows for SQL injection through the manipulation of the 'userName' argument in the /user_registration/ file. When exploited, it could enable attackers to interfere with the software’s database queries, potentially leading to unauthorized access to sensitive user data. Publicly disclosed and actively exploitable, organizations using this system should urgently implement the necessary security measures to mitigate any risks.
Affected Version(s)
Intern Membership Management System 2.0