A vulnerability, which was classified as critical, was found in SourceCodester Budget and Expense Tracker System 1.0. Affected is an unknown function of the file /admin/budget/manage_budget.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-229278 is the identifier assigned to this vulnerability.
History

Fri, 22 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2023-05-17T18:31:04.581Z

Updated: 2024-11-22T19:50:41.130Z

Reserved: 2023-05-17T16:53:40.265Z

Link: CVE-2023-2772

cve-icon Vulnrichment

Updated: 2024-08-02T06:33:05.464Z

cve-icon NVD

Status : Modified

Published: 2023-05-17T19:15:09.277

Modified: 2024-11-21T07:59:15.760

Link: CVE-2023-2772

cve-icon Redhat

No data.