CVE-2023-6305

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 27, 2023

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2023-6305 is a critical vulnerability affecting the SourceCodester Free and Open Source Inventory Management System version 1.0. This issue involves the manipulation of arguments in the file ample/app/ajax/suppliar_data.php, leading to SQL injection. An attacker can exploit this vulnerability remotely, making it a significant security risk. The exploit for this vulnerability (VDB-246131) has already been disclosed to the public, increasing the urgency for affected organizations to apply necessary patches or updates.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tkVQ2R
https://www.cve.org/CVERecord?id=CVE-2023-6305
https://nvd.nist.gov/vuln/detail/CVE-2023-6305

Back to Vulnerability Database

CVE-2023-6305

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations