CVE-2023-2218

Опубликовано: 21 апр. 2023

Источник: nvd

CVSS3: 6.3

CVSS3: 9.8

CVSS2: 6.5

EPSS Низкий

Описание

A vulnerability has been found in SourceCodester Task Reminder System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/user/manage_user.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226984.

Ссылки

https://github.com/E1CHO/cve_hub/blob/main/Task%20Reminder%20System/Task%20Reminder%20System%20-%20vuln%203.pdf
Third Party Advisory
https://vuldb.com/?ctiid.226984
Permissions Required
Third Party Advisory
VDB Entry
https://vuldb.com/?id.226984
Third Party Advisory
VDB Entry
https://github.com/E1CHO/cve_hub/blob/main/Task%20Reminder%20System/Task%20Reminder%20System%20-%20vuln%203.pdf
Third Party Advisory
https://vuldb.com/?ctiid.226984
Permissions Required
Third Party Advisory
VDB Entry
https://vuldb.com/?id.226984
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:task_reminder_system_project:task_reminder_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 20%

0.00066

Низкий

6.3 Medium

CVSS3

9.8 Critical

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-8gfm-33ch-4g7g

CVSS3: 6.3

github

почти 3 года назад

EPSS

Процентиль: 20%

0.00066

Низкий

6.3 Medium

CVSS3

9.8 Critical

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89