Lucene search

CVE-2023-0913

🗓️ 18 Feb 2023 20:11:15Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 69 Views🌐 WEB

Vulnerability in SourceCodester Auto Dealer Management System 1.0 allows remote sql injection via id argument manipulatio

Reporter	Title	Published	Views	Family All 7
0day.today	Auto Dealer Management System v1.0 - SQL Injection Vulnerability (2)	6 Apr 202300:00	–	zdt
0day.today	Auto Dealer Management System 1.0 SQL Injection Vulnerability	27 Feb 202300:00	–	zdt
Exploit DB	Auto Dealer Management System v1.0 - SQL Injection in sell_vehicle.php	6 Apr 202300:00	–	exploitdb
NVD	CVE-2023-0913	18 Feb 202320:15	–	nvd
Cvelist	CVE-2023-0913 SourceCodester Auto Dealer Management System sql injection	18 Feb 202319:34	–	cvelist
Prion	Sql injection	18 Feb 202320:15	–	prion
Packet Storm	Auto Dealer Management System 1.0 SQL Injection	24 Feb 202300:00	–	packetstorm

Nvd

Vulners

Node

auto_dealer_management_system_project auto_dealer_management_systemMatch1.0

[
  {
    "vendor": "SourceCodester",
    "product": "Auto Dealer Management System",
    "versions": [
      {
        "version": "1.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
github	www.github.com/navaidzansari/CVE_Demo/blob/main/2023/Auto%20Dealer%20Management%20System%20-%20SQL%20Injection%20-%202.md
vuldb	www.vuldb.com/

Parameter	Position	Path	Description	CWE
id	query param	/adms/admin/?page=vehicles/view_transaction&id=*	SQL Injection vulnerability allowing low-privileged users to access sensitive system data.	CWE-89
id	query param	/adms/admin/?page=vehicles/sell_vehicle&id=*	SQL Injection vulnerability allowing low-privileged users to access sensitive system data.	CWE-89
id	query param	/adms/admin/?page=user/manage_user&id=*	SQL Injection vulnerability allowing low-privileged users to access sensitive system data despite lack of explicit access.	CWE-89

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

18 Feb 2023 20:15Current

6.9Medium risk

Vulners AI Score6.9

CVSS25.8

CVSS34.7 - 8.8

EPSS0.00278

CWE-89