Source |
CVE Liste |
Identifiant |
8319898 |
Date de publication |
2023-03-20 09:15:12 (vue: 2023-03-20 11:06:52) |
Titre |
CVE-2023-1502 |
Texte |
A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/edit_customer.php. The manipulation of the argument firstname/mi/lastname with the input a' RLIKE SLEEP(5) AND 'dAbu'='dAbu leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-223406 is the identifier assigned to this vulnerability. |
Envoyé |
Oui |
Condensat |
1502 2023 223406 affected alphaware argument assigned attack been commerce critical customer cve dabu disclosed exploit file firstname/mi/lastname found function/edit functionality has identifier injection input issue launched leads manipulation may php public rated remotely rlike simple sleep some sourcecodester sql system unknown used vdb vulnerability |
Tags |
Vulnerability
Guideline
|
Stories |
|
Notes |
|
Move |
|