CVE-2023-6306 | SourceCodester Free and Open Source Inventory Management System 1.0 member_data.php columns sql injection

Posted by Angelo Barbosa | Nov 26, 2023 | CVE

A vulnerability classified as critical has been found in SourceCodester Free and Open Source Inventory Management System 1.0. Affected is an unknown function of the file /ample/app/ajax/member_data.php. The manipulation of the argument columns leads to sql injection.

This vulnerability is traded as CVE-2023-6306. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2023-6306 | SourceCodester Free and Open Source Inventory Management System 1.0 member_data.php columns sql injection

Related Posts

CVE-2024-33511 | Aruba ArubaOS 8.10.0.11/8.11.2.2/10.4.1.1/10.5.1.1 Automatic Reporting Service buffer overflow (ARUBA-PSA-2024-004)

CVE-2024-21843 | Intel Computing Improvement Program Software prior 2.4.0.10654 uncontrolled search path (intel-sa-01059)

CVE-2024-25837 | October CMS up to 1.3.8 Comments Section cross site scripting

CVE-2023-46596 | Algosec FireFlow VisualFlow prior 32.20/32.50/32.60 Name/Description/Configuration File cross site scripting