CVE-2023-7126
HIGH WAF: High
CVSS 8.8
Published: 2023-12-28
CWE-89
A vulnerability classified as critical has been found in code-projects Automated Voting System 1.0. This affects an unknown part of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-249129 was assigned to this vulnerability.
WAF Coverage Analysis
SQL Injection
High WAF Coverage
OWASP: A03:2021 Injection
942xxx - SQL Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| fabian | automated_voting_system | 1.0 |
References
- github.com (Exploit, Third Party Advisory)
- vuldb.com (Third Party Advisory)
- vuldb.com (Third Party Advisory)