CVE-2023-3876

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jul 25, 2023

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2023-3876 is a critical vulnerability affecting the Campcodes Beauty Salon Management System version 1.0. This issue lies within an unknown functionality of the file /admin/search-appointment.php, allowing an attacker to perform SQL injection through the manipulation of the searchdata argument. The attack can be executed remotely, and the exploit has been disclosed to the public, increasing the risk of widespread exploitation. Vulnerability Database assigns the identifier VDB-235238 to this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sGiS1d
https://www.cve.org/CVERecord?id=CVE-2023-3876
https://nvd.nist.gov/vuln/detail/CVE-2023-3876

Back to Vulnerability Database

CVE-2023-3876

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations