CVE-2023-3149
Summary
| CVE | CVE-2023-3149 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-06-07 17:15:00 UTC |
| Updated | 2023-11-07 04:18:00 UTC |
| Description | A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been classified as critical. Affected is an unknown function of the file admin\user\manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-231018 is the identifier assigned to this vulnerability. |
Risk And Classification
Problem Types: CWE-89
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Online Discussion Forum Site Project | Online Discussion Forum Site | 1.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Vulnerability/Online Discussion Forum Site - multiple vulnerabilities.md at main · Peanut886/Vulnerability · GitHub | MISC | github.com | |
| Login required | MISC | vuldb.com | |
| CVE-2023-3149: SourceCodester Online Discussion Forum Site manage_user.php sql injection | MISC | vuldb.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.