Vulnerability Details CVE-2023-7126
A vulnerability classified as critical has been found in code-projects Automated Voting System 1.0. This affects an unknown part of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-249129 was assigned to this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.5%
CVSS Severity
CVSS v3 Score 6.3
CVSS v2 Score 5.8
References
- https://github.com/h4md153v63n/CVEs/blob/main/Automated_Voting_System/Automated_Voting_System-SQL_Injection-1.md
- https://vuldb.com/?ctiid.249129
- https://vuldb.com/?id.249129
- https://github.com/h4md153v63n/CVEs/blob/main/Automated_Voting_System/Automated_Voting_System-SQL_Injection-1.md
- https://vuldb.com/?ctiid.249129
- https://vuldb.com/?id.249129
Products affected by CVE-2023-7126
-
cpe:2.3:a:code-projects:automated_voting_system:1.0