CVE-2023-49030

Name of the Vulnerable Software and Affected Versions 32ns KLive versions 2019-1-19 and earlier

Description The issue allows a remote attacker to obtain sensitive information via a crafted script to the "web/user.php" component. This is achieved through a SQL Injection attack, which enables the attacker to manipulate database queries.

Recommendations For versions 2019-1-19 and earlier, consider restricting access to the "web/user.php" component until a fix is available. As a temporary workaround, avoid using user-input data in SQL queries to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.