CVE-2023-4199

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 7, 2023

Updated: May 17, 2024

CWE ID 754

Summary

CVE-2023-4199 is a critical vulnerability affecting the SourceCodester Inventory Management System 1.0. A remote attacker can exploit an unknown part of the file catagory_data.php by manipulating the arguments columns[1][data]. This leads to SQL injection, allowing the attacker to execute malicious SQL statements. The vulnerability, identified as VDB-236289, has been publicly disclosed and may be actively exploited.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Fedora Operating System
Debian
Java Runtime Environment
Oracle Java Development Kit

Affected Vendors

Debian
Fedora Project
BonqDAO
NetApp

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/swJRsJ
https://www.cve.org/CVERecord?id=CVE-2023-4199
https://nvd.nist.gov/vuln/detail/CVE-2023-4199

Back to Vulnerability Database