PT-2023-24462 · Bluecms · Bluecms
Published
2023-05-30
·
Updated
2025-01-13
·
CVE-2023-33734
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
BlueCMS version 1.6
Description
A SQL injection issue was found in BlueCMS via the
keywords parameter at the "search.php" endpoint.Recommendations
For BlueCMS version 1.6, avoid using the
keywords parameter in the "search.php" endpoint until the issue is resolved.Exploit
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bluecms