CVE-2023-5018

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Sep 17, 2023

Updated: May 17, 2024

CWE ID 497

Summary

CVE-2023-5018 is a critical vulnerability identified in the SourceCodester Lost and Found Information System 1.0. A remotely exploitable SQL injection flaw resides in the POST Parameter Handler of an unspecified part of the /classes/Master.php?f=save_category file. By manipulating the id argument, an attacker can inject malicious SQL code and potentially gain unauthorized access to sensitive data. This vulnerability, identified as VDB-239859, could have serious implications for systems using this software.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Fortinet Fortiadc
FortiADC

Affected Vendors

Fortinet

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tsdoiC
https://www.cve.org/CVERecord?id=CVE-2023-5018
https://nvd.nist.gov/vuln/detail/CVE-2023-5018

Back to Vulnerability Database