A vulnerability classified as critical was found in code-projects Automated Voting System 1.0. This vulnerability affects unknown code of the component Login. The manipulation of the argument idno leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-249130 is the identifier assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/h4md153v63n/CVEs/blob/main/Automated_Voting_System/Automated_Voting_System-SQL_Injection-2.md | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.249130 | Permissions Required Third Party Advisory |
https://vuldb.com/?id.249130 | Third Party Advisory |
Configurations
History
05 Jan 2024, 16:41
Type | Values Removed | Values Added |
---|---|---|
First Time |
Code-projects automated Voting System
Code-projects |
|
CPE | cpe:2.3:a:code-projects:automated_voting_system:1.0:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
References | () https://vuldb.com/?id.249130 - Third Party Advisory | |
References | () https://vuldb.com/?ctiid.249130 - Permissions Required, Third Party Advisory | |
References | () https://github.com/h4md153v63n/CVEs/blob/main/Automated_Voting_System/Automated_Voting_System-SQL_Injection-2.md - Exploit, Third Party Advisory |
28 Dec 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-28 15:15
Updated : 2024-05-17 02:34
NVD link : CVE-2023-7127
Mitre link : CVE-2023-7127
CVE.ORG link : CVE-2023-7127
JSON object : View
Products Affected
code-projects
- automated_voting_system
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')