CVE-2023-2689: SourceCodester Billing Management System GET Parameter editproduct.php sql injection
First published: Sun May 14 2023(Updated: )
A vulnerability classified as critical was found in SourceCodester Billing Management System 1.0. This vulnerability affects unknown code of the file editproduct.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228970 is the identifier assigned to this vulnerability.
Credit: cna@vuldb.com cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Billing Management System Project Billing Management System | =1.0 | |
| Oretnom23 Establishment Billing Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/title
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/description
- agent/softwarecombine
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/billing management system project
- canonical/billing management system project billing management system
- version/billing management system project billing management system/1.0
- vendor/oretnom23
- canonical/oretnom23 establishment billing management system
- version/oretnom23 establishment billing management system/1.0