SourceCodester Free and Open Source Inventory Management System edit_product.php sql injection
CVE-2023-7155
8.8HIGH
What is CVE-2023-7155?
A SQL injection vulnerability exists in the SourceCodester Free and Open Source Inventory Management System 1.0. This vulnerability is triggered by manipulating the 'id' argument in the edit_product.php file. A successful exploit allows an attacker to execute arbitrary SQL statements, potentially compromising the integrity of the database. The vulnerability can be exploited remotely, making it a significant concern for users of the affected software. It's crucial for organizations using this software to apply security measures to mitigate the risk.
Affected Version(s)
Free and Open Source Inventory Management System 1.0