Vulnerability CVE-2023-4871


Published: 2023-09-10

Description:
A vulnerability classified as critical was found in SourceCodester Contact Manager App 1.0. This vulnerability affects unknown code of the file delete.php. The manipulation of the argument contact/contactName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239356.

Type:

CWE-89

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

 References:
https://vuldb.com/?id.239356
https://vuldb.com/?ctiid.239356
https://skypoc.wordpress.com/2023/09/05/vuln1/

Copyright 2026, cxsecurity.com

 

Back to Top