### Vulnerability Key Information Summary - **Vulnerability ID**: - VDB-226105 - CVE-2023-2097 - GCVE-100-226105 - **System and Version**: - SourceCodester Vehicle Service Management System 1.0 - **Vulnerability Type**: - SQL Injection (CWE-89) - **Affected File**: - `/classes/Master.php` - **Severity Level**: - Critical - **Attack Vector**: - Remote exploitation is possible - **Vulnerability Description**: - Manipulation of the argument `id` with an unknown input causes SQL injection. - **Impact**: - Known to affect confidentiality, integrity, and availability. - **Public Information**: - Vulnerability disclosed on 04/15/2023 - Public exploit and technical details available on GitHub - Possible to find vulnerable targets via Google Hacking with query `inurl:classes/Master.php` - **Recommended Actions**: - Replace the affected object with an alternative product. - No specific countermeasures known.