CVE-2023-42359: SQL Injection
First published: Mon Sep 18 2023(Updated: )
SQL injection vulnerability in Exam Form Submission in PHP with Source Code v.1.0 allows a remote attacker to escalate privileges via the val-username parameter in /index.php.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Code-Projects Exam Form Submission | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-42359.
What is the severity of CVE-2023-42359?
The severity of CVE-2023-42359 is critical with a score of 9.8.
How does CVE-2023-42359 affect the Exam Form Submission in PHP with Source Code v.1.0?
CVE-2023-42359 allows a remote attacker to escalate privileges via the val-username parameter in /index.php.
How can I fix the SQL injection vulnerability in Exam Form Submission in PHP with Source Code v.1.0?
To fix the SQL injection vulnerability, you need to sanitize user input and use parameterized queries to prevent SQL injection attacks.
Is there any reference or further information about CVE-2023-42359?
Yes, you can find more information about CVE-2023-42359 at this link: [CVE-2023-42359 Reference](https://upbeat-washer-def.notion.site/Exam-Form-Submission-In-PHP-SQL-Injection-in-index-php-bd71962db712459488019d531ab2f6f2?pvs=4)
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- vendor/exam form submission in php with source code project
- canonical/code-projects exam form submission
- version/code-projects exam form submission/1.0