CVE-2023-49688
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Dec 22, 2023
Updated: Dec 27, 2023
CWE ID 89
Summary
CVE-2023-49688: The Job Portal v1.0 is found to have unauthenticated SQL injection vulnerabilities. The 'txtUser' parameter in the login.php resource fails to validate user input, allowing attackers to inject malicious SQL commands directly into the database. This weakness could result in unauthorized access to sensitive data or even system takeover. Unfiltered user input poses a significant risk to the security of the portal.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
Note: This is just a basic overview providing quick insights into CVE-2023-49688 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions