CVE-2023-44163

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 28, 2023
Updated: Sep 30, 2023
CWE ID 89

Summary

CVE-2023-44163, also known as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command), is a critical vulnerability that affects the 'search' parameter of the process_search.php resource. It allows unvalidated characters to be sent directly to the database without any filtering, posing a high risk to the organization's integrity and confidentiality. This vulnerability has a base score of 9.8 and an impact score of 5.9 according to CVSS version 3.1, indicating its severity. The affected product is ljtqMG, and it is important for organizations to remediate this issue promptly by implementing proper input validation and sanitization techniques to prevent SQL injection attacks.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-44163 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options