CVE-2023-4407

CVSS Score of 10 (low)

Details

Published Aug 18, 2023

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2023-4407 is a critical vulnerability found in Codecanyon Credit Lite 1.5.4. The vulnerability affects the /portal/reports/account_statement file of the POST Request Handler component, allowing for SQL injection through manipulation of the date1/date2 argument. The attack can be launched remotely, posing a potential danger to organizations using the affected product. Remediation for this vulnerability is not provided in the source text.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rpEEA2
https://www.cve.org/CVERecord?id=CVE-2023-4407
https://nvd.nist.gov/vuln/detail/CVE-2023-4407

Back to Vulnerability Database

CVE-2023-4407

CVSS Score of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations