CVE-2023-6306 | SourceCodester Free and Open Source Inventory Management System 1.0 member_data.php columns sql injection

Posted by Angelo Barbosa | Nov 26, 2023 | CVE

A vulnerability classified as critical has been found in SourceCodester Free and Open Source Inventory Management System 1.0. Affected is an unknown function of the file /ample/app/ajax/member_data.php. The manipulation of the argument columns leads to sql injection.

This vulnerability is traded as CVE-2023-6306. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2023-6306 | SourceCodester Free and Open Source Inventory Management System 1.0 member_data.php columns sql injection

Related Posts

CVE-2024-35151 | IBM OpenPages with Watson 8.3/9.0 API authentication bypass

CVE-2024-27847 | Apple iOS/iPadOS up to 17.4 App access control (HT214101)

CVE-2024-26280 | Apache Airflow up to 2.8.1 Audit Log default permission

CVE-2024-0259 | Fortra Robot Schedule Enterprise Agent up to 3.03 on Windows default permission