A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. This issue affects the function mysqli_query of the file admin_cs.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222647.
References
Link | Resource |
---|---|
https://blog.csdn.net/weixin_43864034/article/details/129418770 | Broken Link |
https://vuldb.com/?ctiid.222647 | Third Party Advisory |
https://vuldb.com/?id.222647 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
16 Feb 2024, 17:43
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 8.1 |
15 Mar 2023, 18:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CPE | cpe:2.3:a:online_graduate_tracer_system_project:online_graduate_tracer_system:1.0:*:*:*:*:*:*:* | |
References | (MISC) https://vuldb.com/?ctiid.222647 - Third Party Advisory | |
References | (MISC) https://vuldb.com/?id.222647 - Third Party Advisory | |
References | (MISC) https://blog.csdn.net/weixin_43864034/article/details/129418770 - Broken Link |
09 Mar 2023, 20:03
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-09 15:15
Updated : 2024-05-17 02:17
NVD link : CVE-2023-1293
Mitre link : CVE-2023-1293
CVE.ORG link : CVE-2023-1293
JSON object : View
Products Affected
online_graduate_tracer_system_project
- online_graduate_tracer_system
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')