28Ara
CVE-2023-7138 | code-projects Client Details System 1.0 HTTP POST Request /admin username sql injection
A vulnerability, which was classified as critical, was found in code-projects Client Details System 1.0. This affects an unknown part of the file /admin of the component HTTP POST Request Handler. The manipulation of the argument username leads to sql injection. This vulnerability is uniquely identified as CVE-2023-7138. The attack needs to be initiated within the local network. Furthermore, there is an exploit available.