CVE-2023-7107

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Feb 29, 2024

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2023-7107 is a critical vulnerability identified in version 1.0 of code-projects E-Commerce Website. Affecting some unknown functionality of the file user_signup.php, this issue allows for sql injection through manipulation of the firstname, middlename, email, address, contact, and username arguments. This vulnerability can be exploited remotely, and VDB-249002 has been assigned to it as a unique identifier.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t6_vUq
https://www.cve.org/CVERecord?id=CVE-2023-7107
https://nvd.nist.gov/vuln/detail/CVE-2023-7107

Back to Vulnerability Database

CVE-2023-7107

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations