Lucene search

CVE-2023-24219

🗓️ 17 Feb 2023 07:11:15Reported by mitreType

cve🔗 web.nvd.nist.gov👁 33 Views🌐 WEB

LuckyframeWEB v3.5 SQL injection via dataScope paramete

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
OSV	CVE-2023-24219	17 Feb 202307:15	–	osv
Cvelist	CVE-2023-24219	17 Feb 202300:00	–	cvelist
Vulnrichment	CVE-2023-24219	17 Feb 202300:00	–	vulnrichment
Prion	Sql injection	17 Feb 202307:15	–	prion
NVD	CVE-2023-24219	17 Feb 202307:15	–	nvd

Nvd

Node

luckyframe luckyframewebMatch3.5luckyframe

Source	Link
github	www.github.com/seagull1985/LuckyFrameWeb/issues/24

Parameter	Position	Path	Description	CWE
dataScope	query param	/system/UserMapper.xml	SQL injection vulnerability via the dataScope parameter.	CWE-89

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 Feb 2023 07:15Current

9.7High risk

Vulners AI Score9.7

CVSS39.8

EPSS0.00253

SSVC

CWE-89