{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-7127","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2023-12-28T07:47:07.203Z","datePublished":"2023-12-28T14:31:03.760Z","dateUpdated":"2024-08-02T08:50:08.135Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2023-12-28T14:31:03.760Z"},"title":"code-projects Automated Voting System Login sql injection","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-89","lang":"en","description":"CWE-89 SQL Injection"}]}],"affected":[{"vendor":"code-projects","product":"Automated Voting System","versions":[{"version":"1.0","status":"affected"}],"modules":["Login"]}],"descriptions":[{"lang":"en","value":"A vulnerability classified as critical was found in code-projects Automated Voting System 1.0. This vulnerability affects unknown code of the component Login. The manipulation of the argument idno leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-249130 is the identifier assigned to this vulnerability."},{"lang":"de","value":"In code-projects Automated Voting System 1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Es geht um eine nicht näher bekannte Funktion der Komponente Login. Mit der Manipulation des Arguments idno mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV3_1":{"version":"3.1","baseScore":6.3,"vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":6.3,"vectorString":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":5.8,"vectorString":"AV:A/AC:L/Au:N/C:P/I:P/A:P"}}],"timeline":[{"time":"2023-12-28T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2023-12-28T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2023-12-28T08:52:26.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"Hamdi Sevben (VulDB User)","type":"analyst"}],"references":[{"url":"https://vuldb.com/?id.249130","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.249130","tags":["signature","permissions-required"]},{"url":"https://github.com/h4md153v63n/CVEs/blob/main/Automated_Voting_System/Automated_Voting_System-SQL_Injection-2.md","tags":["exploit"]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T08:50:08.135Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.249130","tags":["vdb-entry","technical-description","x_transferred"]},{"url":"https://vuldb.com/?ctiid.249130","tags":["signature","permissions-required","x_transferred"]},{"url":"https://github.com/h4md153v63n/CVEs/blob/main/Automated_Voting_System/Automated_Voting_System-SQL_Injection-2.md","tags":["exploit","x_transferred"]}]}]}}