CVE-2023-4449

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 21, 2023

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2023-4449 is a critical vulnerability affecting SourceCodester's Free and Open Source Inventory Management System version 1.0. An unknown function in the file /index.php?page=member contains a SQL injection flaw, which can be exploited by manipulating the argument columns[0][data]. This vulnerability enables attackers to launch remote attacks, and the exploit has already been disclosed to the public. Vulnerability database VDB assigns the identifier VDB-237570 to this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sZ24yn
https://www.cve.org/CVERecord?id=CVE-2023-4449
https://nvd.nist.gov/vuln/detail/CVE-2023-4449

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2023-4449

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations