CVE-2023-51951

2024-02-0521:15:11

CWE-89

mitre

web.nvd.nist.gov

cve-2023-51951

sql injection

stock management system

remote code execution

nvd

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

38.9%

JSON

SQL Injection vulnerability in Stock Management System 1.0 allows a remote attacker to execute arbitrary code via the id parameter in the manage_bo.php file.

Affected configurations

Nvd

Node

stock_management_system_projectstock_management_systemMatch1.0

VendorProductVersionCPE
stock_management_system_projectstock_management_system1.0cpe:2.3:a:stock_management_system_project:stock_management_system:1.0:*:*:*:*:*:*:*