CVE-2023-7189 | S-CMS up to 2.0_build20220529-20231006 index.php lid sql injection

Inserito da Angelo Barbosa | Dic 30, 2023 | CVE

A vulnerability classified as critical was found in S-CMS up to 2.0_build20220529-20231006. Affected by this vulnerability is an unknown functionality of the file /s/index.php?action=statistics. The manipulation of the argument lid leads to sql injection.

This vulnerability is known as CVE-2023-7189. The attack can only be initiated within the local network. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2023-7189 | S-CMS up to 2.0_build20220529-20231006 index.php lid sql injection

Post correlati

CVE-2023-5958 | POST SMTP Mailer Plugin up to 2.7.0 on WordPress Email Message Content cross site scripting

CVE-2024-0781 | CodeAstro Internet Banking System 1.0 pages_client_signup.php Client Full Name redirect

CVE-2024-32957 | Live Composer Plugin up to 1.5.38 on WordPress authorization

CVE-2024-21180 | Oracle PeopleSoft Enterprise PT PeopleTools 8.59/8.60/8.61 OpenSearch Dashboard information disclosure