CVE-2023-46023: SQL Injection
First published: Tue Nov 14 2023(Updated: )
SQL injection vulnerability in addTask.php in Code-Projects Simple Task List 1.0 allows attackers to obtain sensitive information via the 'status' parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Code-Projects Simple Task List | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-46023?
CVE-2023-46023 is a SQL injection vulnerability in addTask.php in Code-Projects Simple Task List 1.0 that allows attackers to obtain sensitive information via the 'status' parameter.
How severe is CVE-2023-46023?
CVE-2023-46023 has a severity rating of medium, with a severity value of 6.5.
Which software is affected by CVE-2023-46023?
Code-Projects Simple Task List version 1.0 is affected by CVE-2023-46023.
How can an attacker exploit CVE-2023-46023?
An attacker can exploit CVE-2023-46023 by manipulating the 'status' parameter in addTask.php to inject malicious SQL code and obtain sensitive information.
Is there a fix for CVE-2023-46023?
To fix CVE-2023-46023, it is recommended to update Code-Projects Simple Task List to a patched version or apply the necessary security patches.
- collector/nvd-api
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/code-projects
- canonical/code-projects simple task list
- version/code-projects simple task list/1.0