CVE-2023-2642
Description
A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. This affects an unknown part of the file adminpanel/admin/facebox_modal/updateCourse.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228771.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.066
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are fixed in Adobe Acrobat Reader DC (23.001.20143) | Windows |
| Multiple Vulnerabilities are fixed in Adobe Acrobat Reader DC (x64) (23.001.20143) | Windows |
| Multiple Vulnerabilities are fixed in Adobe Acrobat Reader DC MUI (23.001.20143) | Windows |
| Multiple Vulnerabilities are fixed in Adobe Acrobat Reader DC MUI (x64) (23.001.20143) | Windows |
| Multiple Vulnerabilities are fixed in Adobe Acrobat DC Pro and Standard (Continuous Track) update - All languages (23.001.20143) | Windows |
| Multiple Vulnerabilities are fixed in Adobe Acrobat DC (64-bit) (23.001.20143) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-330072 | Adobe Acrobat Reader DC (23.001.20143) |
| PATCH-330073 | Adobe Acrobat Reader DC (x64) (23.001.20143) |
| PATCH-330074 | Adobe Acrobat Reader DC MUI (23.001.20143) |
| PATCH-330070 | Adobe Acrobat DC Pro and Standard (Continuous Track) update - All languages (23.001.20143) |
| PATCH-330069 | Adobe Acrobat DC (64-bit) (23.001.20143) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234