CVE-2023-3687

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 16, 2023

Updated: May 17, 2024

CWE ID 59

Summary

CVE-2023-3687 is a critical vulnerability affecting Bylancer QuickVCard 2.1. The issue lies in the component's GET Parameter Handler, which processes the file /blog. Manipulation of the argument s permits an attacker to execute SQL injection, potentially allowing remote exploitation. The vulnerability has been assigned the identifier VDB-234233. Despite early disclosure, the vendor has yet to respond.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rzrRdN
https://www.cve.org/CVERecord?id=CVE-2023-3687
https://nvd.nist.gov/vuln/detail/CVE-2023-3687

Back to Vulnerability Database

CVE-2023-3687

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations