CVE-2023-4449

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 21, 2023

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2023-4449 is a critical vulnerability affecting SourceCodester's Free and Open Source Inventory Management System version 1.0. An unknown function in the file /index.php?page=member contains a SQL injection flaw, which can be exploited by manipulating the argument columns[0][data]. This vulnerability enables attackers to launch remote attacks, and the exploit has already been disclosed to the public. Vulnerability database VDB assigns the identifier VDB-237570 to this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sZ24yn
https://www.cve.org/CVERecord?id=CVE-2023-4449
https://nvd.nist.gov/vuln/detail/CVE-2023-4449

Back to Vulnerability Database

CVE-2023-4449

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations