CVE-2023-3624

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 11, 2023
Updated: May 17, 2024
CWE ID 120

Summary

CVE-2023-3624 is a critical vulnerability affecting Nesote Inout Blockchain FiatExchanger 3.0. This issue lies in the POST Parameter Handler of an unspecified part of the /index.php/coins/update_marketboxslider file. An attacker can exploit this flaw by manipulating the marketcurrency argument to execute SQL injection. The vulnerability can be triggered remotely, and no response was received from the vendor after being notified early about the disclosure.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share