CVE-2023-4556

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 27, 2023

Updated: May 17, 2024

Summary

CVE-2023-4556 is a critical vulnerability affecting the SourceCodester Online Graduate Tracer System 1.0. The issue lies in the mysqli_query function of the file sexit.php, which can be exploited through sql injection by manipulating the argument id. This vulnerability poses a remote threat, meaning that attackers can exploit it from outside the system. The exploit for this vulnerability has been made public, increasing the risk of its exploitation. Vulnerability Database (VDB) has assigned the identifier VDB-238154 to this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s8JM3n
https://www.cve.org/CVERecord?id=CVE-2023-4556
https://nvd.nist.gov/vuln/detail/CVE-2023-4556

Back to Vulnerability Database

CVE-2023-4556

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations