Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2023-4740

๐Ÿ—“๏ธย 03 Sep 2023ย 20:00:05Reported byย VulDBTypeย 
cve
ย cve๐Ÿ”—ย web.nvd.nist.gov๐Ÿ‘ย 2481ย Views๐ŸŒ WEB

Vulnerability in IBOS OA 4.5.5, allowing remote SQL injection via Delete Draft Handler

Related
Detection
Affected
Refs
Paths
ReporterTitlePublishedViews
Family
Circl		CVE-2023-4740
2 Feb 202407:45
โ€“circl
CNNVD		IBOS SQL Injection Vulnerability
3 Sep 202300:00
โ€“cnnvd
Cvelist		CVE-2023-4740 IBOS OA Delete Draft delDraft&archiveId=0 sql injection
3 Sep 202320:00
โ€“cvelist
EUVD		EUVD-2023-54588
3 Oct 202520:07
โ€“euvd
NVD		CVE-2023-4740
3 Sep 202320:15
โ€“nvd
Prion		Sql injection
3 Sep 202320:15
โ€“prion
Positive Technologies		PT-2023-30443 ยท Ibos Oa ยท Ibos Oa
3 Sep 202300:00
โ€“ptsecurity
RedhatCVE		CVE-2023-4740
9 Jan 202609:25
โ€“redhatcve
Vulnrichment		CVE-2023-4740 IBOS OA Delete Draft delDraft&archiveId=0 sql injection
3 Sep 202320:00
โ€“vulnrichment
NVD
Vulners
Node
ibosibosMatch4.5.5
[
  {
    "vendor": "IBOS",
    "product": "OA",
    "versions": [
      {
        "version": "4.5.5",
        "status": "affected"
      }
    ],
    "modules": [
      "Delete Draft Handler"
    ]
  }
]
ParameterPositionPathDescriptionCWE
archiveIdquery param/?r=email/api/delDraft&archiveId=0SQL injection in Delete Draft Handler via query parameters in delDraft endpoint.CWE-89
rquery param/?r=email/api/delDraft&archiveId=0SQL injection in Delete Draft Handler via query parameters in delDraft endpoint.CWE-89

Data

Build on a solid foundation withย Vulners data

Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data

Api

Power your application withย Vulners API

The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access

App

Assess and manage vulnerabilities withย Vulnersย tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Nov 2024 08:35Current
7.7High risk
Vulners AI Score7.7
CVSS 3.16.3 - 8.8
CVSS 26.5
CVSS 36.3
EPSS0.00069
SSVC
CWE-89
cve-2023-4740ibos oa 4.5.5critical vulnerabilitysql injectionremote attack
2481