Products
SourceCodester Simple Subscription Website
- 1.0
Simple Subscription Website
- 1.0
Source
cna@vuldb.com
Tags
CVE-2024-4093 details
Last Modified : April 24, 2024, 1:39 p.m.
Description
A vulnerability, which was classified as critical, was found in SourceCodester Simple Subscription Website 1.0. Affected is an unknown function of the file view_application.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-261822 is the identifier assigned to this vulnerability.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6.3 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
CVSS Data
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
Base Score
6.3
Exploitability Score
Impact Score
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
References
URL | Source |
---|---|
https://github.com/4wchen/Cve/blob/main/Simple%20Subscription%20Website%20with%20Admin%20System%20view_application.php%20has%20Sqlinjection.pdf | cna@vuldb.com |
https://vuldb.com/?ctiid.261822 | cna@vuldb.com |
https://vuldb.com/?id.261822 | cna@vuldb.com |
https://vuldb.com/?submit.321505 | cna@vuldb.com |