Sales Tracker Management System
CVE-2023-0999
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A vulnerability classified as problematic was found in SourceCodester Sales Tracker Management System 1.0. This vulnerability affects unknown code of the file admin/?page=user/list. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221734 is the identifier assigned to this vulnerability.
AnalysisAI
A vulnerability classified as problematic was found in SourceCodester Sales Tracker Management System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Cross-Site Request Forgery (CSRF) (CWE-352), which allows attackers to trick authenticated users into performing unintended actions. A vulnerability classified as problematic was found in SourceCodester Sales Tracker Management System 1.0. This vulnerability affects unknown code of the file admin/?page=user/list. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221734 is the identifier assigned to this vulnerability. Affected products include: Sales Tracker Management System Project Sales Tracker Management System.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement anti-CSRF tokens, validate Origin/Referer headers, use SameSite cookie attribute.
A vulnerability was found in SourceCodester Sales Tracker Management System 1.0. Rated critical severity (CVSS 9.8), thi
A vulnerability has been found in SourceCodester Sales Tracker Management System 1.0 and classified as critical. Rated c
A vulnerability, which was classified as critical, was found in SourceCodester Sales Tracker Management System 1.0. Rate
A vulnerability, which was classified as critical, has been found in SourceCodester Sales Tracker Management System 1.0.
Cross Site Scripting vulnerability found in Sales Tracker Management System v.1.0 allows a remote attacker to gain privi
A vulnerability classified as critical has been found in SourceCodester Sales Tracker Management System 1.0. Rated criti
A vulnerability was found in SourceCodester Sales Tracker Management System 1.0. Rated medium severity (CVSS 4.8), this
A vulnerability classified as critical has been found in SourceCodester Sales Tracker Management System 1.0. Rated high
An issue found in Sales Tracker Management System v.1.0 allows a remote attacker to access sensitive information via sal
Same weakness CWE-352 – Cross-Site Request Forgery (CSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today