CVE Details
Basic Information
| Title | SourceCodester CRUD without Page Reload add_user.php sql injection |
|---|---|
| Type | cve |
| Published | 2024-03-12T13:00:08.002Z |
| Modified | 2024-08-12T13:49:07.831Z |
Product Information
| Vendor | SourceCodester |
|---|---|
| Product | CRUD without Page Reload |
| Version | 1.0 |
CVSS Information
| Base Score | 6.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
AI Analysis
| AI Description | A SQL injection vulnerability was discovered in SourceCodester’s CRUD without Page Reload 1.0. This vulnerability affects the add_user.php file and can be exploited remotely by manipulating the ‘city’ argument. The exploit is publicly available, posing a significant risk. |
|---|---|
| AI Severity | Medium |
| AI Vendor | SourceCodester |
| AI Product | CRUD without Page Reload |
| AI Version | 1.0 |
Affected Products
- SourceCodester CRUD without Page Reload 1.0
Additional Information
| CWE List | CWE-89 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file add_user.php. The manipulation of the argument city leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256453 was assigned to this vulnerability.