First published: Wed Apr 24 2024(Updated: )
A vulnerability, which was classified as critical, was found in SourceCodester Simple Subscription Website 1.0. Affected is an unknown function of the file view_application.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-261822 is the identifier assigned to this vulnerability.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
SourceCodester Simple Subscription Website | ||
Oretnom23 Simple Subscription Website | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-4093 is classified as a critical vulnerability.
CVE-2024-4093 is a SQL injection vulnerability affecting the SourceCodester Simple Subscription Website.
CVE-2024-4093 affects version 1.0 of the SourceCodester Simple Subscription Website.
To fix CVE-2024-4093, ensure input validation and parameterized queries are implemented in the view_application.php file.
Yes, CVE-2024-4093 can be exploited remotely due to its nature as a SQL injection vulnerability.