{"api_version":"1","generated_at":"2026-04-26T05:27:01+00:00","cve":"CVE-2023-0980","urls":{"html":"https://cve.report/CVE-2023-0980","api":"https://cve.report/api/cve/CVE-2023-0980.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-0980","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-0980"},"summary":{"title":"CVE-2023-0980","description":"A vulnerability was found in SourceCodester Yoga Class Registration System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/registrations/update_status.php of the component Status Update Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-221675.","state":"PUBLIC","assigner":"cna@vuldb.com","published_at":"2023-02-23 12:15:00","updated_at":"2023-11-07 04:02:00"},"problem_types":["CWE-89"],"metrics":[],"references":[{"url":"https://vuldb.com/?ctiid.221675","name":"https://vuldb.com/?ctiid.221675","refsource":"MISC","tags":[],"title":"Login required","mime":"text/html","httpstatus":"401","archivestatus":"404"},{"url":"https://vuldb.com/?id.221675","name":"https://vuldb.com/?id.221675","refsource":"MISC","tags":[],"title":"Login required","mime":"text/html","httpstatus":"401","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-0980","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0980","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"980","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"yoga_class_registration_system_project","cpe5":"yoga_class_registration_system","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-0980","ASSIGNER":"cna@vuldb.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A vulnerability was found in SourceCodester Yoga Class Registration System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/registrations/update_status.php of the component Status Update Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-221675."},{"lang":"deu","value":"Eine kritische Schwachstelle wurde in SourceCodester Yoga Class Registration System 1.0 gefunden. Davon betroffen ist unbekannter Code der Datei admin/registrations/update_status.php der Komponente Status Update Handler. Durch die Manipulation des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-89 SQL Injection","cweId":"CWE-89"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"SourceCodester","product":{"product_data":[{"product_name":"Yoga Class Registration System","version":{"version_data":[{"version_affected":"=","version_value":"1.0"}]}}]}}]}},"references":{"reference_data":[{"url":"https://vuldb.com/?id.221675","refsource":"MISC","name":"https://vuldb.com/?id.221675"},{"url":"https://vuldb.com/?ctiid.221675","refsource":"MISC","name":"https://vuldb.com/?ctiid.221675"}]},"credits":[{"lang":"en","value":"mroz1l (VulDB User)"}],"impact":{"cvss":[{"version":"3.1","baseScore":6.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"},{"version":"3.0","baseScore":6.3,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"},{"version":"2.0","baseScore":6.5,"vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P"}]}},"nvd":{"publishedDate":"2023-02-23 12:15:00","lastModifiedDate":"2023-11-07 04:02:00","problem_types":["CWE-89"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:yoga_class_registration_system_project:yoga_class_registration_system:1.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}