CVE-2023-0785

Published: Feb 12, 2023Modified: Mar 7, 2025

3.7

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.2 / Impact: 1.4

Source: NVD

Description

A vulnerability classified as problematic was found in SourceCodester Best Online News Portal 1.0. Affected by this vulnerability is an unknown functionality of the file check_availability.php. The manipulation of the argument username leads to exposure of sensitive information through data queries. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-220645 was assigned to this vulnerability.

Affected (1)

Products: Mayurik: Best Online News Portal

1 product

Best Online News Portal

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mayurik Best Online News Portal	Version 1.0

Related CWEs

Exposure of Sensitive Information Through Data Queries

When trying to keep information confidential, an attacker can often infer some of the information by using statistics.

References (6)

https://vuldb.com/?ctiid.220645

Source: cna@vuldb.com

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.220645

Source: cna@vuldb.com

Third Party Advisory

https://youtu.be/n_BfBlsUIN8

Source: cna@vuldb.com

Exploit

https://vuldb.com/?ctiid.220645

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.220645

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://youtu.be/n_BfBlsUIN8

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

Timeline

No history available yet.