CVE-2023-4437
CVSS 3.1 Score 9.1 of 10 (high)
Details
Published Aug 20, 2023
Updated: May 17, 2024
CWE ID 74
Summary
CVE-2023-4437 is a critical vulnerability affecting the SourceCodester Inventory Management System 1.0. The issue lies in an unknown function of the file app/ajax/search_sell_paymen_report.php, which can be exploited through SQL injection. By manipulating the customer argument, attackers can launch remote attacks and potentially gain unauthorized access to sensitive data. This vulnerability, identified as VDB-237558, has been disclosed to the public, increasing the risk of exploitation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Siemens AG