CVE Details
Basic Information
| Title | SourceCodester Music Gallery Site GET Request view_music_details.php sql injection |
|---|---|
| Type | cve |
| Published | 2023-02-22T18:12:49.002Z |
| Modified | 2024-08-02T05:32:46.320Z |
Product Information
| Vendor | SourceCodester |
|---|---|
| Product | Music Gallery Site |
| Version | 1.0 |
CVSS Information
| Base Score | 6.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
AI Analysis
| AI Description | A SQL injection vulnerability in SourceCodester Music Gallery Site 1.0 allows remote attackers to inject arbitrary SQL commands via the ‘id’ parameter in view_music_details.php. This can lead to unauthorized data access and modification. The vulnerability is remotely exploitable and has been publicly disclosed. |
|---|---|
| AI Severity | Medium |
| AI Vendor | SourceCodester |
| AI Product | Music Gallery Site |
| AI Version | 1.0 |
Affected Products
- SourceCodester Music Gallery Site 1.0
Additional Information
| CWE List | CWE-89 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as critical. This affects an unknown part of the file view_music_details.php of the component GET Request Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221631.