SQL Injection Vulnerability in Sourcecodester Online ID Generator System
CVE-2024-40073

9.8CRITICAL

Key Information:

Vendor
CVE Published:
16 April 2025

Summary

The Online ID Generator System by Sourcecodester has been identified to possess a SQL injection vulnerability. This flaw allows an attacker to manipulate SQL queries through the 'template' parameter in the URL. By exploiting this vulnerability, malicious users could potentially gain unauthorized access to the database, exposing sensitive information. It is crucial for administrators to patch this vulnerability to protect against potential data breaches and maintain system integrity.

References

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.