/

CVE-2023-1987 Report - Details, Severity, & Advisories

CVE-2023-1987 Report - Details, Severity, & Advisories

Twingate Team

May 13, 2024

A critical vulnerability, CVE-2023-1987, has been discovered in the SourceCodester Online Computer and Laptop Store 1.0, affecting the update order status function in the Master.php file. This vulnerability, classified as a SQL injection, can be exploited remotely and has been disclosed to the public. The issue impacts a variety of systems, specifically those running the affected software. With a severity rating of 7.2 HIGH according to the National Vulnerability Database (NVD), it is crucial for users to be aware of this vulnerability and take necessary precautions.

How do I know if I'm affected?

If you're using SourceCodester Online Computer and Laptop Store 1.0, you may be affected by the CVE-2023-1987 vulnerability. This issue is found in the update order status function of the Master.php file. To determine if you're impacted, check if your system runs the affected software configuration: cpe:2.3:a:oretnom23:online\_computer\_and\_laptop\_store:1.0 No information about affected Apple product versions is available from the provided sources.

What should I do if I'm affected?

If you're affected by the CVE-2023-1987 vulnerability, it's important to act quickly. Unfortunately, no specific steps to mitigate this vulnerability are available. However, considering its severity, it's advisable to replace the affected software with an alternative product to ensure your system's security.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-1987 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This critical SQL injection vulnerability affects the SourceCodester Online Computer and Laptop Store 1.0 software. It was published on April 11, 2023, but no due date or required action is provided. Users are advised to refer to available advisories, solutions, and tools for mitigation strategies.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-89 is an SQL injection issue affecting the update order status function in SourceCodester Online Computer and Laptop Store 1.0, compromising confidentiality, integrity, and availability.

For more details

For a comprehensive understanding of its description, severity, technical details, and affected software configurations, refer to the NVD page or the resources listed below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

CVE-2023-1987 Report - Details, Severity, & Advisories

CVE-2023-1987 Report - Details, Severity, & Advisories

Twingate Team

May 13, 2024

A critical vulnerability, CVE-2023-1987, has been discovered in the SourceCodester Online Computer and Laptop Store 1.0, affecting the update order status function in the Master.php file. This vulnerability, classified as a SQL injection, can be exploited remotely and has been disclosed to the public. The issue impacts a variety of systems, specifically those running the affected software. With a severity rating of 7.2 HIGH according to the National Vulnerability Database (NVD), it is crucial for users to be aware of this vulnerability and take necessary precautions.

How do I know if I'm affected?

If you're using SourceCodester Online Computer and Laptop Store 1.0, you may be affected by the CVE-2023-1987 vulnerability. This issue is found in the update order status function of the Master.php file. To determine if you're impacted, check if your system runs the affected software configuration: cpe:2.3:a:oretnom23:online\_computer\_and\_laptop\_store:1.0 No information about affected Apple product versions is available from the provided sources.

What should I do if I'm affected?

If you're affected by the CVE-2023-1987 vulnerability, it's important to act quickly. Unfortunately, no specific steps to mitigate this vulnerability are available. However, considering its severity, it's advisable to replace the affected software with an alternative product to ensure your system's security.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-1987 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This critical SQL injection vulnerability affects the SourceCodester Online Computer and Laptop Store 1.0 software. It was published on April 11, 2023, but no due date or required action is provided. Users are advised to refer to available advisories, solutions, and tools for mitigation strategies.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-89 is an SQL injection issue affecting the update order status function in SourceCodester Online Computer and Laptop Store 1.0, compromising confidentiality, integrity, and availability.

For more details

For a comprehensive understanding of its description, severity, technical details, and affected software configurations, refer to the NVD page or the resources listed below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

CVE-2023-1987 Report - Details, Severity, & Advisories

Twingate Team

May 13, 2024

A critical vulnerability, CVE-2023-1987, has been discovered in the SourceCodester Online Computer and Laptop Store 1.0, affecting the update order status function in the Master.php file. This vulnerability, classified as a SQL injection, can be exploited remotely and has been disclosed to the public. The issue impacts a variety of systems, specifically those running the affected software. With a severity rating of 7.2 HIGH according to the National Vulnerability Database (NVD), it is crucial for users to be aware of this vulnerability and take necessary precautions.

How do I know if I'm affected?

If you're using SourceCodester Online Computer and Laptop Store 1.0, you may be affected by the CVE-2023-1987 vulnerability. This issue is found in the update order status function of the Master.php file. To determine if you're impacted, check if your system runs the affected software configuration: cpe:2.3:a:oretnom23:online\_computer\_and\_laptop\_store:1.0 No information about affected Apple product versions is available from the provided sources.

What should I do if I'm affected?

If you're affected by the CVE-2023-1987 vulnerability, it's important to act quickly. Unfortunately, no specific steps to mitigate this vulnerability are available. However, considering its severity, it's advisable to replace the affected software with an alternative product to ensure your system's security.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-1987 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This critical SQL injection vulnerability affects the SourceCodester Online Computer and Laptop Store 1.0 software. It was published on April 11, 2023, but no due date or required action is provided. Users are advised to refer to available advisories, solutions, and tools for mitigation strategies.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-89 is an SQL injection issue affecting the update order status function in SourceCodester Online Computer and Laptop Store 1.0, compromising confidentiality, integrity, and availability.

For more details

For a comprehensive understanding of its description, severity, technical details, and affected software configurations, refer to the NVD page or the resources listed below.