CVE-2023-7137 | code-projects Client Details System 1.0 HTTP POST Request uemail sql injection

Posted by Angelo Barbosa | Dec 28, 2023 | CVE

A vulnerability, which was classified as critical, has been found in code-projects Client Details System 1.0. Affected by this issue is some unknown functionality of the component HTTP POST Request Handler. The manipulation of the argument uemail leads to sql injection.

This vulnerability is handled as CVE-2023-7137. The attack needs to be done within the local network. Furthermore, there is an exploit available.

CVE-2023-7137 | code-projects Client Details System 1.0 HTTP POST Request uemail sql injection

Related Posts

CVE-2024-4069 | Kashipara Online Furniture Shopping Ecommerce Website 1.0 search.php txtSearch sql injection

CVE-2024-33506 | Fortinet FortiManager up to 7.0.12/7.2.5/7.4.2 HTTP information disclosure (FG-IR-23-472)

CVE-2023-46354 | MyPrestaModules Orders Export Pro Module up to 5.1.x on PrestaShop permission

CVE-2024-30983 | PHPGurukul Cyber Cafe Management System 1.0 edit-computer-detail.php compname sql injection