Vulnerability Details CVE-2023-5260
A vulnerability, which was classified as critical, has been found in SourceCodester Simple Membership System 1.0. This issue affects some unknown processing of the file group_validator.php. The manipulation of the argument club_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240869 was assigned to this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.7%
CVSS Severity
CVSS v3 Score 6.3
CVSS v2 Score 6.5
References
- https://github.com/E1even-321/Membership-System/blob/main/Simple-Membership-System%20group_validator.php%20has%20Sqlinjection.pdf
- https://vuldb.com/?ctiid.240869
- https://vuldb.com/?id.240869
- https://github.com/E1even-321/Membership-System/blob/main/Simple-Membership-System%20group_validator.php%20has%20Sqlinjection.pdf
- https://vuldb.com/?ctiid.240869
- https://vuldb.com/?id.240869
Products affected by CVE-2023-5260
-
cpe:2.3:a:razormist:simple_membership_system:1.0