CVE-2023-7126 | code-projects Automated Voting System 1.0 Admin Login /admin/ username sql injection

Posted by Angelo Barbosa | Dec 28, 2023 | CVE

A vulnerability classified as critical has been found in code-projects Automated Voting System 1.0. This affects an unknown part of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection.

This vulnerability is uniquely identified as CVE-2023-7126. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available.

CVE-2023-7126 | code-projects Automated Voting System 1.0 Admin Login /admin/ username sql injection

Related Posts

CVE-2021-47117 | Linux Kernel up to 5.12.9 ext4 fs/ext4/extents_status.c ext4_es_cache_extent injection

CVE-2024-23670 | Fortinet FortiWebManager up to 6.0.2/6.2.4/6.3.0/7.0.4/7.2.0 HTTP Request improper authorization (FG-IR-23-222)

CVE-2024-2168 | SourceCodester Online Tours & Travels Management System 1.0 HTTP POST Request expense_category.php status sql injection

CVE-2023-0437 | MongoDB C Driver up to 1.24.x bson_utf8_validate infinite loop