CVE-2023-7123 | SourceCodester Medicine Tracking System 1.0 Master.php id/name/description sql injection

Posted by Angelo Barbosa | Dec 27, 2023 | CVE

A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracking System 1.0. This issue affects some unknown processing of the file /classes/Master.php? f=save_medicine. The manipulation of the argument id/name/description leads to sql injection.

The identification of this vulnerability is CVE-2023-7123. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2023-7123 | SourceCodester Medicine Tracking System 1.0 Master.php id/name/description sql injection

Related Posts

CVE-2024-27757 | flusity CMS up to 2.45 tools/addons_model.php Gallery Name cross site scripting (GHSA-5843-5m74-7fqh)

CVE-2024-4626 | JetWidgets for Elementor Plugin up to 1.0.17 on WordPress layout_type/id cross site scripting

CVE-2024-4519 | Campcodes Complete Web-Based School Management 1.0 teacher_salary_details3.php month cross site scripting

CVE-2024-8577 | TOTOLINK AC1200 T8/AC1200 T10 4.1.5cu.861_B20230220/4.1.8cu.5207 /cgi-bin/cstecgi.cgi setStaticDhcpRules desc buffer overflow