First published: Thu Nov 30 2023(Updated: )
SQL injection vulnerability in Packers and Movers Management System v.1.0 allows a remote attacker to execute arbitrary code via crafted payload to the /mpms/admin/?page=user/manage_user&id file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Oretnom23 Packers And Movers Management System | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-46956 is a SQL injection vulnerability found in Packers and Movers Management System v.1.0.
The SQL injection vulnerability allows a remote attacker to execute arbitrary code by sending a crafted payload to the /mpms/admin/?page=user/manage_user&id file.
CVE-2023-46956 has a severity rating of 7.2 (high).
The SQL injection vulnerability can be exploited by an attacker sending a crafted payload to the /mpms/admin/?page=user/manage_user&id file.
To fix CVE-2023-46956, it is recommended to update Packers and Movers Management System to a version that has patched the SQL injection vulnerability.