CVE-2023-6312 | SourceCodester Loan Management System 1.0 Users Page deleteUser.php delete_user user_id sql injection

Posted by Angelo Barbosa | Nov 26, 2023 | CVE

A vulnerability was found in SourceCodester Loan Management System 1.0. It has been classified as critical. Affected is the function delete_user of the file deleteUser.php of the component Users Page. The manipulation of the argument user_id leads to sql injection.

This vulnerability is traded as CVE-2023-6312. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2023-6312 | SourceCodester Loan Management System 1.0 Users Page deleteUser.php delete_user user_id sql injection

Related Posts

CVE-2023-49620 | Apache DolphinScheduler up to 3.0.x Resource Center authorization

CVE-2024-6520 | FluentForm Plugin up to 5.1.19 on WordPress cross site scripting

CVE-2024-47086 | Apex Softcell LD DP Back Office API Endpoint OTP authentication bypass by assumed-immutable data (CIVN-2024-0296)

CVE-2024-27991 | SupportCandy Plugin up to 3.2.3 on WordPress cross site scripting