2 matches found
Credit Lite 1.5.4 SQL Injection Vulnerability
Exploit Title: Credit Lite 1.5.4 - SQL Injection Exploit Author: CraCkEr Vendor: Hobby-Tech Vendor Homepage: https://codecanyon.net/item/credit-lite-micro-credit-solutions/39554392 Software Link: https://credit-lite.appshat.xyz/ Tested on: Windows 10 Pro Impact: Database Access CVE: CVE-2023-4407...
CVE-2023-4407
CVE-2023-4407 affects Codecanyon Credit Lite 1.5.4. The vulnerability resides in the POST /portal/reports/account_statement endpoint, where manipulated date1/date2 parameters enable SQL injection. Exploitation is described as remotely possible via the affected endpoint; multiple sources corrobora...