CVE-2023-3850

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jul 23, 2023

Updated: May 17, 2024

CWE ID 79

Summary

CVE-2023-3850 is a newly discovered critical vulnerability affecting the SourceCodester Lost and Found Information System 1.0. This issue lies within the HTTP POST Request Handler component, specifically the /classes/Master.php?f=delete_category file. An attacker can exploit this vulnerability by manipulating the id argument, resulting in SQL injection. The attack can be launched remotely, making it a significant security risk. The Vulnerability Database has assigned the identifier VDB-235201 to this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Copyparty Project Copyparty

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sCS8pX
https://www.cve.org/CVERecord?id=CVE-2023-3850
https://nvd.nist.gov/vuln/detail/CVE-2023-3850

Back to Vulnerability Database

CVE-2023-3850

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations