CVE Details
Basic Information
| Title | SourceCodester Auto Dealer Management System sql injection |
|---|---|
| Type | cve |
| Published | 2023-02-18T19:34:33.791Z |
| Modified | 2024-08-02T05:24:34.747Z |
Product Information
| Vendor | SourceCodester |
|---|---|
| Product | Auto Dealer Management System |
| Version | 1.0 |
CVSS Information
| Base Score | 4.7 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L |
AI Analysis
| AI Description | A SQL injection vulnerability was discovered in SourceCodester’s Auto Dealer Management System version 1.0. This vulnerability allows remote attackers to inject malicious SQL code, potentially leading to data manipulation or extraction. The issue was publicly disclosed and could be exploited without advanced privileges. |
|---|---|
| AI Severity | Medium |
| AI Vendor | SourceCodester |
| AI Product | Auto Dealer Management System |
| AI Version | 1.0 |
Affected Products
- SourceCodester Auto Dealer Management System 1.0
Additional Information
| CWE List | CWE-89 |
|---|---|
| Source | VulDB |
Description
A vulnerability classified as critical was found in SourceCodester Auto Dealer Management System 1.0. This vulnerability affects unknown code of the file /adms/admin/?page=vehicles/sell_vehicle. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221482 is the identifier assigned to this vulnerability.