CVE-2023-6310 MEDIUM

CVE-2023-6310: SourceCodester Loan Management System deleteBorrower.php delete_borrower sql injection

Vendor Sourcecodester
Product Loan Management System
Weakness CWE-89 · SQLi
Published November 27, 2023
Last update August 29, 2024
View on NVD All CVEs

CVSS base score

4.7/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability has been found in SourceCodester Loan Management System 1.0 and classified as critical. This vulnerability affects the function delete_borrower of the file deleteBorrower.php. The manipulation of the argument borrower_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-246136.

Key dates

02Disclosure timeline

November 27, 2023 CVE published
August 29, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-47537 WordPress PDF Invoice Builder for WooCommerce plugin <= 5.3.8 - SQL Injection Vulnerability CVE-2024-55987 WordPress Advanced What should we write next about plugin <= 1.0.3 - SQL Injection vulnerability CVE-2023-2677 SourceCodester Covid-19 Contact Tracing System manage.php sql injection CVE-2025-1192 SourceCodester Multi Restaurant Table Reservation System select-menu.php sql injection CVE-2025-3267 qinguoyi TinyWebServer http_conn.cpp sql injection