PT-2023-27966 · Phpjabbers · Phpjabbers Business Directory Script
Published
2023-08-30
·
Updated
2023-09-05
·
CVE-2023-41539
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
phpjabbers Business Directory Script version 3.2
Description
The issue is related to SQL Injection via the
column parameter. This allows for potential manipulation of database queries.Recommendations
For phpjabbers Business Directory Script version 3.2, consider restricting access to the
column parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Phpjabbers Business Directory Script