Lucene search

MitreCVE-2023-39551

HistoryAug 04, 2023 - 7:15 p.m.

CVE-2023-39551

2023-08-0419:15:10

CWE-89

mitre

web.nvd.nist.gov

cve-2023-39551

phpgurukul

online security guards hiring system

sql injection

nvd

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.001

Percentile

44.3%

JSON

PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.

Affected configurations

Nvd

Node

phpgurukulonline_security_guards_hiring_systemMatch1.0

VendorProductVersionCPE
phpgurukulonline_security_guards_hiring_system1.0cpe:2.3:a:phpgurukul:online_security_guards_hiring_system:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpgurukul	online_security_guards_hiring_system	1.0	cpe:2.3:a:phpgurukul:online_security_guards_hiring_system:1.0:::::::*

References

github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.md

nvd.nist.gov/vuln/detail/CVE-2023-39551

www.chtsecurity.com/news/0dbe8e1d-0a6c-4604-9cf1-778ddc86a8c1

www.chtsecurity.com/news/285b9375-ba65-4f61-a02a-a575337dc86c

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.001

Percentile

44.3%

JSON

Related for CVE-2023-39551