Lucene search
HistoryApr 17, 2023 - 1:15 p.m.
CVE-2023-27733
cve-2023-27733
dedecms
sql injection
sys_sql_query.php
vulnerability
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
44.6%
DedeCMS v5.7.106 was discovered to contain a SQL injection vulnerability via the component /dede/sys_sql_query.php.
Affected configurations
Node
dedecmsdedecmsMatch5.7.106
| CPE | Name | Operator | Version |
|---|---|---|---|
| dedecms:dedecms | dedecms | eq | 5.7.106 |
Related
prion
prion
Sql injection
2023-04-17 13:15:00
cvelist
cvelist
CVE-2023-27733
2023-04-17 00:00:00
nvd
nvd
CVE-2023-27733
2023-04-17 13:15:38
openvas
openvas
DedeCMS <= 5.7.107 Multiple Vulnerabilities
2023-04-28 00:00:00
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
44.6%
Related for CVE-2023-27733