Lucene search

PRIOn knowledge basePRION:CVE-2023-1300

HistoryMar 09, 2023 - 10:15 p.m.

Sql injection

2023-03-0922:15:00

PRIOn knowledge base

www.prio-n.com

vulnerability

sourcecodester

sql injection

remote attack

post parameter handler

patient report

nvd

vdb-222661

9.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.8%

JSON

A vulnerability classified as critical was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file patient-report.php of the component POST Parameter Handler. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222661 was assigned to this vulnerability.

CPENameOperatorVersion
covid_19_testing_management_systemeq1.0

CPE	Name	Operator	Version
	covid_19_testing_management_system	eq	1.0

References

github.com/mhz2846415362/bug_report/blob/main/vendors/unyasoft/COVID%2019%20Testing%20Management%20System/SQLi-1.md

vuldb.com/?ctiid.222661

vuldb.com/?id.222661