CVE-2023-48078

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 17, 2023

Updated: Aug 14, 2024

CWE ID 89

Summary

CVE-2023-48078 is a newly disclosed SQL Injection vulnerability that affects the "add.php" file in the Simple CRUD Functionality v1.0 application. This issue permits attackers to inject malicious SQL commands into the system by manipulating the 'title' parameter. Successful exploitation could lead to unauthorized data access, modification, or even complete system compromise. It is crucial for users to apply the necessary patch or upgrade to a more secure version of the software to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Code Projects

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tYovGq
https://www.cve.org/CVERecord?id=CVE-2023-48078
https://nvd.nist.gov/vuln/detail/CVE-2023-48078

Back to Vulnerability Database

CVE-2023-48078

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations