Headline
CVE-2023-4407
A vulnerability classified as critical was found in Codecanyon Credit Lite 1.5.4. Affected by this vulnerability is an unknown functionality of the file /portal/reports/account_statement of the component POST Request Handler. The manipulation of the argument date1/date2 leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-237511.
Related news
Credit Lite 1.5.4 SQL Injection
Credit Lite version 1.5.4 suffers from a remote SQL injection vulnerability.