CVE-2023-4437

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Aug 20, 2023

Updated: May 17, 2024

CWE ID 74

Summary

CVE-2023-4437 is a critical vulnerability affecting the SourceCodester Inventory Management System 1.0. The issue lies in an unknown function of the file app/ajax/search_sell_paymen_report.php, which can be exploited through SQL injection. By manipulating the customer argument, attackers can launch remote attacks and potentially gain unauthorized access to sensitive data. This vulnerability, identified as VDB-237558, has been disclosed to the public, increasing the risk of exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siemens AG

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s0thE5
https://www.cve.org/CVERecord?id=CVE-2023-4437
https://nvd.nist.gov/vuln/detail/CVE-2023-4437

Back to Vulnerability Database

CVE-2023-4437

CVSS 3.1 Score 9.1 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations