Lucene search
INCDVULNRICHMENT:CVE-2023-39378HistorySep 26, 2023 - 9:23 a.m.
CVE-2023-39378 SiberianCMS - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') by an unauthenticated user
2023-09-2609:23:48
CWE-89
INCD
github.com
1
siberiancms
sql injection
vulnerability
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.8
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
SiberianCMS - CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) by an unauthenticated user
Related
osv
osv
CVE-2023-39378
2023-09-27 15:18:56
prion
prion
Sql injection
2023-09-27 15:18:00
nvd
nvd
CVE-2023-39378
2023-09-27 15:18:56
cve
cve
CVE-2023-39378
2023-09-27 15:18:56
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.8
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2023-39378