{"vulnerability": "CVE-2023-1358", "sightings": [{"uuid": "24f4a638-ce9d-40a8-9556-db0e9167c008", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-1358", "type": "seen", "source": "https://t.me/cibsecurity/59875", "content": "\u203c CVE-2023-1358 \u203c\n\nA vulnerability, which was classified as critical, was found in SourceCodester Gadget Works Online Ordering System 1.0. This affects an unknown part of the file /philosophy/admin/login.php of the component POST Parameter Handler. The manipulation of the argument user_email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222861 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-12T15:40:10.000000Z"}]}