Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at save_ticket.php.
References
Link | Resource |
---|---|
https://www.sourcecodester.com/php/15951/raffle-draw-system-using-php-and-javascript-free-source-code.html | Product |
https://github.com/xiumulty/CVE/blob/main/Raffle%20draw%20system%20v1.0/sql%20in%20save_ticket.php.md | Exploit Third Party Advisory |
Configurations
Information
Published : 2023-02-06 07:15
Updated : 2023-02-09 20:51
NVD link : CVE-2023-24200
Mitre link : CVE-2023-24200
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
raffle_draw_system_project
- raffle_draw_system