CVE-2023-1461

A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been declared as critical. This vulnerability affects the function query of the file createCategories.php. The manipulation of the argument categoriesStatus leads to sql injection. The attack can be initiated remotely. VDB-223306 is the identifier assigned to this vulnerability.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
VulDBCNA
6.3 MEDIUM
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
VendorProductVersion
canteen_management_system_projectcanteen_management_system
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://blog.csdn.net/weixin_43864034/article/details/129622219
https://vuldb.com/?ctiid.223306
https://vuldb.com/?id.223306
https://blog.csdn.net/weixin_43864034/article/details/129622219
https://vuldb.com/?ctiid.223306
https://vuldb.com/?id.223306