CVE-2023-41507

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 5, 2023

Updated: Sep 8, 2023

CWE ID 89

Summary

CVE-2023-41507 affects the Super Store Finder v3.6 software, introducing multiple SQL injection vulnerabilities. These weaknesses can be exploited through the products, distance, lat, and lng parameters in the store locator component. Successful attacks could result in unauthorized access to sensitive data, modification of records, or even system takeover. Users are encouraged to update to the latest version of the software to mitigate these risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sgJIcS
https://www.cve.org/CVERecord?id=CVE-2023-41507
https://nvd.nist.gov/vuln/detail/CVE-2023-41507

Back to Vulnerability Database

CVE-2023-41507

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations