Critical SQL Injection Vulnerability in SourceCodester Earnings and Expense Tracker App 1.0 (VDB-224700)

Critical SQL Injection Vulnerability in SourceCodester Earnings and Expense Tracker App 1.0 (VDB-224700)

CVE-2023-1785 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A vulnerability was found in SourceCodester Earnings and Expense Tracker App 1.0. It has been classified as critical. Affected is an unknown function of the file manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-224700.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.