Online Graduate Tracer System
CVE-2023-1854
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file admin/. The manipulation leads to session expiration. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-224994 is the identifier assigned to this vulnerability.
AnalysisAI
A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-613. A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file admin/. The manipulation leads to session expiration. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-224994 is the identifier assigned to this vulnerability. Affected products include: Online Graduate Tracer System Project Online Graduate Tracer System.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. Rated critical
A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. Rated critical severity (CVSS 9.8), this
A vulnerability, which was classified as critical, has been found in SourceCodester Online Graduate Tracer System 1.0. R
A vulnerability classified as critical was found in SourceCodester Online Graduate Tracer System 1.0. Rated critical sev
A vulnerability classified as critical has been found in SourceCodester Online Graduate Tracer System 1.0. Rated critica
Sourcecodester Online Graduate Tracer System v1.0 is vulnerable to SQL Injection via the "request" parameter in admin/fe
Sourcecodester Online Graduate Tracer System v1.0 is vulnerable to SQL Injection via the "id" parameter in admin/admin_c
A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0. Rat
A vulnerability, which was classified as problematic, has been found in SourceCodester Online Graduate Tracer System 1.0
A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. Rated medium severity (CVSS 6.9), this vu
A vulnerability, which was classified as critical, has been found in SourceCodester Online Graduate Tracer System 1.0. R
A vulnerability, which was classified as critical, was found in SourceCodester Online Graduate Tracer System up to 1.0.
Same weakness CWE-613 – Insufficient Session Expiration
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today