CVE-2023-45120

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 21, 2023
Updated: Feb 2, 2024
CWE ID 89

Summary

CVE-2023-45120 is a critical vulnerability affecting the Online Examination System v1.0. It is classified as an Authenticated SQL Injection vulnerability, specifically targeting the 'qid' parameter of the /update.php?q=quiz&step=2 resource. The vulnerability allows for unfiltered characters to be sent to the database, posing a high risk to both confidentiality and integrity. The base severity is rated as CRITICAL, with a base score of 9.8 out of 10. Remediation steps are not provided in the given information. This vulnerability has been reported by help@fluidattacks.com and has a CVSS vector string of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-45120 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options