CVE-2023-47253

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 6, 2023

Updated: Nov 14, 2023

CWE ID 77

Summary

CVE-2023-47253 is a newly disclosed vulnerability affecting Qualitor before version 8.21. Attackers can exploit this issue by sending malicious PHP code through the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter. This allows them to execute arbitrary code remotely, posing a significant security risk for affected systems. The vulnerability can be potentially exploited for unauthorized system access, data theft, or further attacks against the organization's network. It is recommended that users upgrade their Qualitor installation as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tRw0r9
https://www.cve.org/CVERecord?id=CVE-2023-47253
https://nvd.nist.gov/vuln/detail/CVE-2023-47253

Back to Vulnerability Database

CVE-2023-47253

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations