Medicine Tracker System
CVE-2023-30458
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
A username enumeration issue was discovered in Medicine Tracker System 1.0. The login functionality allows a malicious user to guess a valid username due to a different response time from invalid usernames. When one enters a valid username, the response time increases depending on the length of the supplied password.
AnalysisAI
A username enumeration issue was discovered in Medicine Tracker System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-203. A username enumeration issue was discovered in Medicine Tracker System 1.0. The login functionality allows a malicious user to guess a valid username due to a different response time from invalid usernames. When one enters a valid username, the response time increases depending on the length of the supplied password. Affected products include: Medicine Tracker System Project Medicine Tracker System.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Medicine Tracker System
View allA vulnerability was found in SourceCodester Medicine Tracking System 1.0. Rated critical severity (CVSS 9.8), this vulne
A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracking System 1.0.php? f=
A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracker System 1.0.php of t
A vulnerability was found in SourceCodester Medicine Tracker System 1.0. Rated medium severity (CVSS 6.9), this vulnerab
A vulnerability classified as critical has been found in SourceCodester Medicine Tracker System 1.0. Rated medium severi
A vulnerability classified as problematic was found in SourceCodester Medicine Tracker System 1.0. Rated medium severity
A vulnerability, which was classified as critical, was found in SourceCodester Medicine Tracker System 1.0. Rated critic
A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0. Rated medium severity (C
Medicine Tracker System in PHP 1.0.0 is vulnerable to SQL Injection. Rated high severity (CVSS 7.5), this vulnerability
Medicine Tracker System in PHP 1.0.0 is vulnerable to Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this
Sourcecodester Medicine Tracker System in PHP 1.0.0 is vulnerable to Cross Site Scripting (XSS) via page=about. Rated me
A vulnerability, which was classified as problematic, has been found in SourceCodester Medicine Tracker System 1.0. Rate
Same weakness CWE-203 – Observable Discrepancy
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today