First published: Sun Feb 19 2023(Updated: )
A vulnerability, which was classified as critical, was found in SourceCodester Simple Customer Relationship Management System 1.0. This affects an unknown part of the file /php-scrm/login.php. The manipulation of the argument Password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221493 was assigned to this vulnerability.
Credit: cna@vuldb.com cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Simple Customer Relationship Management System Project Simple Customer Relationship Management System | =1.0 | |
=1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-0917 is a critical SQL injection vulnerability in the login.php file of SourceCodester Simple Customer Relationship Management System 1.0.
The severity of CVE-2023-0917 is critical with a severity score of 9.8.
CVE-2023-0917 affects an unknown part of the file /php-scrm/login.php in SourceCodester Simple Customer Relationship Management System 1.0.
The CWE ID of CVE-2023-0917 is 89, which stands for Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection').
To fix the SQL injection vulnerability in SourceCodester Simple Customer Relationship Management System 1.0, it is recommended to apply the latest security patch or update provided by the software vendor.