SQL Injection Vulnerability in SourceCodester Lot Reservation Management System
CVE-2024-7223

9.8CRITICAL

Key Information:

Vendor: SourceCodester
Status: Lot Reservation Management System
Vendor: CVE Published:; 30 July 2024

🔔 Create SourceCodester Vulnerability Alert

What is CVE-2024-7223?

A critical vulnerability has been detected in the SourceCodester Lot Reservation Management System version 1.0. This security weakness pertains to an unknown functionality within the view_model.php file, where improper handling of input can allow an attacker to manipulate the 'id' argument. Such manipulation opens the door to SQL injection attacks, enabling unauthorized access to the database. This vulnerability can be exploited remotely, posing a significant threat to the integrity of systems utilizing this software. Given its public disclosure, it is crucial for users of the affected system to take immediate action to mitigate risks.

References

https://vuldb.com/?id.272803

https://vuldb.com/?ctiid.272803

https://vuldb.com/?submit.380470

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2024