Lucene search

[email protected]CVE-2023-40629

HistoryDec 14, 2023 - 9:15 a.m.

CVE-2023-40629

2023-12-1409:15:41

CWE-89

[email protected]

web.nvd.nist.gov

cve-2023-40629

sql injection

lms lite

joomla

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.0%

JSON

SQLi vulnerability in LMS Lite component for Joomla.

Affected configurations

NVD

Node

king-productslms_king_liteRange1.0.0–3.3.01joomla\!

CPENameOperatorVersion
king-products:lms_king_liteking-products lms king litele3.3.01

CPE	Name	Operator	Version
king-products:lms_king_lite	king-products lms king lite	le	3.3.01

CNA Affected

[
  {
    "collectionURL": "https://extensions.joomla.org/extension/lms-lite/",
    "defaultStatus": "unaffected",
    "packageName": "com_lmslite",
    "product": "LMS Lite component for Joomla",
    "vendor": "king-products.net",
    "versions": [
      {
        "status": "affected",
        "version": "1.0.0-3.3.0.1"
      }
    ]
  }
]

References

extensions.joomla.org/extension/lms-lite/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.0%

JSON

Related for CVE-2023-40629

cvelist1 prion1 nvd1