CVE Details
Basic Information
| Title | SourceCodester Service Provider Management System manage_service.php sql injection |
|---|---|
| Type | cve |
| Published | 2023-04-27T14:31:04.439Z |
| Modified | 2024-08-02T06:19:14.875Z |
Product Information
| Vendor | SourceCodester |
|---|---|
| Product | Service Provider Management System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
AI Analysis
| AI Description | A SQL injection vulnerability was discovered in SourceCodester’s Service Provider Management System version 1.0. This vulnerability allows remote attackers to inject malicious SQL code, potentially leading to data tampering and unauthorized access. The issue is considered medium severity with a CVSS score of 6.3. |
|---|---|
| AI Severity | Medium |
| AI Vendor | SourceCodester |
| AI Product | Service Provider Management System |
| AI Version | 1.0 |
Affected Products
- SourceCodester Service Provider Management System 1.0
Additional Information
| CWE List | CWE-89 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/services/manage_service.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-227590 is the identifier assigned to this vulnerability.