Medium severity6.3NVD Advisory· Published Apr 11, 2023· Updated Jun 17, 2026
CVE-2023-1987
CVE-2023-1987
Description
A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Affected by this vulnerability is the function update_order_status of the file /classes/Master.php?f=update_order_status. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225535.
Affected products
21.0+ 1 more
- (no CPE)range: 1.0
- (no CPE)range: 1.0
Patches
Vulnerability mechanics
References
3- github.com/boyi0508/Online-Computer-and-Laptop-Store/blob/main/4-SQL%20injection%20present%20at%20order%20status%20update.pdfnvdExploitThird Party Advisory
- vuldb.comnvdThird Party Advisory
- vuldb.comnvdThird Party Advisory
News mentions
0No linked articles in our index yet.