CVE-2023-7096

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 25, 2023
Updated: May 17, 2024
CWE ID 89

Summary

CVE-2023-7096 is a critical vulnerability affecting the Faculty Management System 1.0 developed by code-projects. The issue lies in an unknown functionality of the file /admin/php/crud.php, where a sql injection vulnerability can be exploited by manipulating the argument fieldname. This attack can be executed remotely, making it a significant security concern. The exploit for this vulnerability (VDB-248948) has been made public, increasing the risk of its usage by malicious actors.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share