Published: 29/12/2023 Updated: 05/01/2024

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 0

Subscribe to Customer Support System Project

Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_department via id or name.

Vulnerable Product	Search on Vulmon	Subscribe to Product
customer support system project customer support system 1.0

Check Point Reference: CPAI-2023-1582 Date Published: 17 Mar 2024 Severity: High ...

Customer Support System version 10 suffers from a remote SQL injection vulnerability in /customer_support/ajaxphp Original discovery of SQL injection in this version is attributed to Ahmed Abbas in November of 2020 ...

Multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_department in Customer Support System 1.0 allow authenticated attackers to execute arbitrary SQL commands via id or name.

CVE-2023-50071 Customer Support System 10 - Multiple SQL injection vulnerabilities - save_department Description: Multiple SQL injection vulnerabilities in /customer_support/ajaxphp?action=save_department in Customer Support System 10 allow authenticated attackers to execute arbitrary SQL commands via id or name Vulnerable Product Version: Customer Support System 1

CWE-89 https://github.com/geraldoalcantara/CVE-2023-50071 https://medium.com/%40geraldoalcantarapro/cve-2023-50071-a20767cb3c7b https://nvd.nist.gov https://github.com/geraldoalcantara/CVE-2023-50071 https://packetstormsecurity.com/files/177443/Customer-Support-System-1.0-SQL-Injection.html https://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2023-1582.html

CVE-2023-50071

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect