CVE-2023-5794

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 26, 2023
Updated: May 17, 2024
CWE ID 89

Summary

CVE-2023-5794 is a newly identified critical vulnerability in PHPGurukul Online Railway Catering System 1.0. The issue lies within an unnamed function of the index.php file in the Login component. An attacker can exploit this vulnerability through manipulation of the username argument, leading to SQL injection. This attack can be executed remotely, making it a significant threat. The identifier for this vulnerability is VDB-243600.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share