CVE-2023-3795

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jul 20, 2023

Updated: May 17, 2024

CWE ID 352

Summary

CVE-2023-3795 is a critical vulnerability identified in the Bug Finder ChainCity Real Estate Investment Platform 1.0. This issue lies in an unknown functionality of the file /property within the GET Parameter Handler. Manipulation of the argument name allows for SQL injection to occur. Vulnerability identifier VDB-235062 documents this finding. Despite early disclosure, the vendor has yet to respond.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r94wWH
https://www.cve.org/CVERecord?id=CVE-2023-3795
https://nvd.nist.gov/vuln/detail/CVE-2023-3795

Back to Vulnerability Database

CVE-2023-3795

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations