关键漏洞信息 CVE ID: CVE-2023-2408 VDB ID: VDB-227702 Product: SourceCodester AC Repair and Services System 1.0 Vulnerability Type: SQL Injection Criticality: Critical Affected File: Affected Argument: CWE: CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) MITRE ATT&CK: T1505 (SQL Injection - Use of a Vulnerable API) Disclosure Date: 04/28/2023 Advisory: Available on GitHub Exploit: Proof-of-concept available on GitHub Search for Vulnerable Targets: Suggested Mitigation No specific countermeasures mentioned. It is suggested to replace the affected object with an alternative product.