QwikSec

Security Database

CVE

CWE

Training

CVE-2023-33584

Published: Jun 21, 2023

Modified: Sep 16, 2024

PUBLISHED

Description

Sourcecodester Enrollment System Project V1.0 is vulnerable to SQL Injection (SQLI) attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the username and password fields during the login process, enabling an attacker to inject malicious SQL code.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.sourcecodester.com/php/14444/enrollment-system-project-source-code-using-phpmysql.html

http://packetstormsecurity.com/files/172718/Enrollment-System-Project-1.0-Authentication-Bypass-SQL-Injection.html

https://www.exploit-db.com/exploits/51501

https://packetstormsecurity.com/files/cve/CVE-2023-33584

https://github.com/sudovivek/My-CVE/blob/main/CVE-2023-33584_exploit.md

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.