CVE-2023-7177

Summary

A critical vulnerability, named CVE-2023-7177, has been identified in Campcodes Online College Library System 1.0. This vulnerability affects the /admin/book_add.php file's unknown code in the HTTP POST Request Handler component, leading to SQL injection through manipulation of the category argument. The exploit can be initiated remotely and has been disclosed to the public, increasing the potential danger it poses. The vulnerability has a base severity of MEDIUM and a score of 4.7 according to CVSS version 3.1. It requires high privileges and does not require user interaction. The impact includes low integrity and confidentiality levels, while the attack vector is through the network with low complexity. Remediation measures are not provided, but organizations should take immediate action to mitigate this vulnerability in order to prevent potential exploitation and unauthorized access to their systems and data.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.