CVE-2023-0785

CWE-2023 documents3 sources
Severity
3.7LOW
EPSS
0.3%
top 51.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Sourcecodester Best Online News PortalMayurik Best Online News Portal
Timeline
PublishedFeb 12

Description

A vulnerability classified as problematic was found in SourceCodester Best Online News Portal 1.0. Affected by this vulnerability is an unknown functionality of the file check_availability.php. The manipulation of the argument username leads to exposure of sensitive information through data queries. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.2 | Impact: 1.4

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-6636-xfj2-vp52: A vulnerability classified as problematic was found in SourceCodester Best Online News Portal 12023-02-12
CVEList
SourceCodester Best Online News Portal check_availability.php information exposure2023-02-12
CVE-2023-0785 (LOW CVSS 3.7) | A vulnerability classified as probl | cvebase.io