CVE-2023-50070 | SourceCodester Customer Support System 1.0 ajax.php department_id/customer_id/subject sql injection

Inserito da Angelo Barbosa | Dic 30, 2023 | CVE

A vulnerability was found in SourceCodester Customer Support System 1.0. It has been classified as critical. This affects an unknown part of the file /customer_support/ajax.php?action=save_ticket. The manipulation of the argument department_id/customer_id/subject leads to sql injection.

This vulnerability is uniquely identified as CVE-2023-50070. The attack can only be done within the local network. There is no exploit available.

CVE-2023-50070 | SourceCodester Customer Support System 1.0 ajax.php department_id/customer_id/subject sql injection

Post correlati

CVE-2024-22105 | Mitsubishi Electric CPU Module Logging Configuration Tool resource consumption (icsa-24-135-04)

CVE-2023-4976 | PureStorage FlashBlade up to 3.3.10/4.0.6/4.1.8/4.2.2 Management Interface privileges management

CVE-2023-37926 | Zyxel ATP/USG FLEX/USG FLEX 50/USG20-VPN/VPN CLI Command buffer overflow

CVE-2024-32025 | bmaltais kohya_ss up to 23.1.4 group_images_gui.py command injection (GHSA-qprv-9pg5-h33c)