China National Vulnerability Database: CNVD-2023-64069
Aug 12, 2023 - 12:00 a.m.

NETGEAR DGN3500 Buffer Overflow Vulnerability

www.cnvd.org.cn
netgear
dgn3500
buffer overflow
vulnerability
churchcrm
version v5.0.0
sql injection
validation
queryview.php
birthmonth
percls
attacker
illegal sql commands
sensitive database data
exploit

EPSS: 0.0004 (Low), percentile 13.4%

ChurchCRM is an open source CRM system for churches. ChurchCRM version v5.0.0 has a SQL injection vulnerability caused by a lack of validation of externally supplied input to the birthmonth and percls parameters in /QueryView.php. An attacker can exploit this vulnerability to execute illegal SQL commands and steal sensitive database data.

CPE | Name | Operator | Version
netgear dgn3500 1. eq 1.00.37

