CVE-2023-53926

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions PHPJabbers Simple CMS version 5.0

Description The software contains a SQL injection issue in the 'column' parameter. Attackers can inject crafted SQL payloads through the 'column' parameter in the ''index.php'' endpoint to potentially extract or modify database information. The vulnerable parameter is column.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2023-53926

Affected Products

Phpjabbers Simple Cms

CVE-2023-53926

Weakness Enumeration

Related Identifiers

Affected Products

References · 8