A vulnerability classified as critical was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file patient-report.php of the component POST Parameter Handler. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222661 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://vuldb.com/?ctiid.222661 | Third Party Advisory |
https://github.com/mhz2846415362/bug_report/blob/main/vendors/unyasoft/COVID%2019%20Testing%20Management%20System/SQLi-1.md | Exploit |
https://vuldb.com/?id.222661 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2023-03-09 14:15
Updated : 2023-03-14 09:07
NVD link : CVE-2023-1300
Mitre link : CVE-2023-1300
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
covid_19_testing_management_system_project
- covid_19_testing_management_system