SourceCodester Engineers Online Portal 1.0 downloadable_student.php ID SQL ଇଞ୍ଜେକ୍ସନ

Dogoggorri kan akka ଜଟିଳ jedhamuun ramadame SourceCodester Engineers Online Portal 1.0 keessatti argameera. Miidhaan irra gahe is hojii hin beekamne faayilii downloadable_student.php keessa. Dhugumatti jijjiirraa irratti raawwatame ID gara SQL ଇଞ୍ଜେକ୍ସନ geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-89 si geessa. Beekumsi kun yeroo 09/29/2023 ifoomsifameera. Odeeffannoon kun buufachuuf github.com irratti dhiyaateera. Dogoggorri kun maqaa CVE-2023-5276 jedhuun tajaajilama. Weerara fageenya irraa jalqabuun ni danda'ama. Odeeffannoon teeknikaa ni argama. Meeshaa balaa kana fayyadamuuf hin argamne. Yeroo ammaa, gatii exploit might be approx. USD $0-$5k beekamuu danda'a. ଅପରିଭାଷିତ jedhamee murtaa’eera. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $0-$5k jedhamee tilmaamame. Once again VulDB remains the best source for vulnerability data.

3 ଆଡାପ୍ଟେସନ୍ · 68 ପଏଣ୍ଟ

ଫିଲ୍ଡସୃଷ୍ଟି ହୋଇଛି
09/29/2023 11:54 AM		ଅଦ୍ୟତନ 1/2
10/22/2023 11:38 AM		ଅଦ୍ୟତନ 2/2
10/22/2023 11:46 AM
software_vendorSourceCodesterSourceCodesterSourceCodester
software_nameEngineers Online PortalEngineers Online PortalEngineers Online Portal
software_version1.01.01.0
software_filedownloadable_student.phpdownloadable_student.phpdownloadable_student.php
software_argumentididid
vulnerability_cweCWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)
vulnerability_risk222
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
cvss3_vuldb_rcRRR
advisory_urlhttps://github.com/llixixi/Engineers-Online-Portal-System/blob/main/Engineers%20Online%20Portal%20System%20downloadable_student.php%20has%20Sqlinjection.pdfhttps://github.com/llixixi/Engineers-Online-Portal-System/blob/main/Engineers%20Online%20Portal%20System%20downloadable_student.php%20has%20Sqlinjection.pdfhttps://github.com/llixixi/Engineers-Online-Portal-System/blob/main/Engineers%20Online%20Portal%20System%20downloadable_student.php%20has%20Sqlinjection.pdf
source_cveCVE-2023-5276CVE-2023-5276CVE-2023-5276
cna_responsibleVulDBVulDBVulDB
advisory_date1695938400 (09/29/2023)1695938400 (09/29/2023)1695938400 (09/29/2023)
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_vuldb_rcURURUR
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss3_vuldb_prLLL
cvss3_vuldb_eXXX
cvss3_vuldb_rlXXX
cvss2_vuldb_basescore6.56.56.5
cvss2_vuldb_tempscore6.26.26.2
cvss3_vuldb_basescore6.36.36.3
cvss3_vuldb_tempscore6.16.16.1
cvss3_meta_basescore6.36.37.5
cvss3_meta_tempscore6.16.17.4
price_0day$0-$5k$0-$5k$0-$5k
cve_assigned1695938400 (09/29/2023)1695938400 (09/29/2023)
cve_nvd_summaryA vulnerability classified as critical was found in SourceCodester Engineers Online Portal 1.0. This vulnerability affects unknown code of the file downloadable_student.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-240904.A vulnerability classified as critical was found in SourceCodester Engineers Online Portal 1.0. This vulnerability affects unknown code of the file downloadable_student.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-240904.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auS
cvss2_nvd_ciP
cvss2_nvd_iiP
cvss2_nvd_aiP
cvss3_cna_avN
cvss3_cna_acL
cvss3_cna_prL
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cL
cvss3_cna_iL
cvss3_cna_aL
cve_cnaVulDB
cvss2_nvd_basescore6.5
cvss3_nvd_basescore9.8
cvss3_cna_basescore6.3

ପଛକୁସମୀକ୍ଷାଆହୁରି ଦୂରରେ

Do you know our Splunk app?

Download it now for free!