CVE-2023-5266

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Sep 29, 2023

Updated: Apr 11, 2024

CWE ID 89

Summary

CVE-2023-5266 is a critical vulnerability found in DedeBIZ 6.2, affecting an unknown part of the file /src/admin/tags_main.php. The vulnerability allows for remote SQL injection through manipulation of the argument ids. The exploit has been disclosed to the public and can be utilized by attackers. It poses a potential danger to organizations using DedeBIZ 6.2 as it could lead to unauthorized access and manipulation of the database. Remediation should involve updating to a patched version of DedeBIZ or implementing appropriate security measures to mitigate the risk of SQL injection attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s1CrYm
https://www.cve.org/CVERecord?id=CVE-2023-5266
https://nvd.nist.gov/vuln/detail/CVE-2023-5266

Back to Vulnerability Database

CVE-2023-5266

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations