CVE-2023-48863

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 4, 2023

Updated: Dec 7, 2023

CWE ID 89

Summary

CVE-2023-48863 is a SQL Injection vulnerability affecting SEMCMS 3.9. The weakness lies in the application's inadequate input security checks, enabling attackers to inject malicious SQL commands into the background database engine. By sending malicious data as commands or query statements, attackers can manipulate the interpreter to execute unintended commands or gain unauthorized access to sensitive data.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sx8GLz
https://www.cve.org/CVERecord?id=CVE-2023-48863
https://nvd.nist.gov/vuln/detail/CVE-2023-48863

Back to Vulnerability Database

CVE-2023-48863

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations