{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-7128","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2023-12-28T07:51:56.245Z","datePublished":"2023-12-28T15:00:06.338Z","dateUpdated":"2024-08-02T08:50:08.267Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2023-12-28T15:00:06.338Z"},"title":"code-projects Voting System Admin Login sql injection","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-89","lang":"en","description":"CWE-89 SQL Injection"}]}],"affected":[{"vendor":"code-projects","product":"Voting System","versions":[{"version":"1.0","status":"affected"}],"modules":["Admin Login"]}],"descriptions":[{"lang":"en","value":"A vulnerability, which was classified as critical, has been found in code-projects Voting System 1.0. This issue affects some unknown processing of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249131."},{"lang":"de","value":"Eine Schwachstelle wurde in code-projects Voting System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Es geht hierbei um eine nicht näher spezifizierte Funktion der Datei /admin/ der Komponente Admin Login. Durch die Manipulation des Arguments username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV3_1":{"version":"3.1","baseScore":6.3,"vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":6.3,"vectorString":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":5.8,"vectorString":"AV:A/AC:L/Au:N/C:P/I:P/A:P"}}],"timeline":[{"time":"2023-12-28T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2023-12-28T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2023-12-28T08:57:13.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"Hamdi Sevben (VulDB User)","type":"analyst"}],"references":[{"url":"https://vuldb.com/?id.249131","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.249131","tags":["signature","permissions-required"]},{"url":"https://github.com/h4md153v63n/CVEs/blob/main/Voting_System/Voting_System-SQL_Injection-1.md","tags":["exploit"]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T08:50:08.267Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.249131","tags":["vdb-entry","technical-description","x_transferred"]},{"url":"https://vuldb.com/?ctiid.249131","tags":["signature","permissions-required","x_transferred"]},{"url":"https://github.com/h4md153v63n/CVEs/blob/main/Voting_System/Voting_System-SQL_Injection-1.md","tags":["exploit","x_transferred"]}]}]}}