A critical vulnerability in 07FLY CRM V2 allows remote attackers to execute SQL injection via the argument account in /index.php/sysmanage/Login/login_auth/. Publicly disclosed with ID VDB-239861
Reporter | Title | Published | Views | Family All 3 |
---|---|---|---|---|
![]() | CVE-2023-5020 07FLY CRM Administrator Login Page sql injection | 17 Sep 202304:31 | – | cvelist |
![]() | Sql injection | 17 Sep 202305:15 | – | prion |
![]() | CVE-2023-5020 | 17 Sep 202305:15 | – | nvd |
[
{
"vendor": "07FLY",
"product": "CRM",
"versions": [
{
"version": "V2",
"status": "affected"
}
],
"modules": [
"Administrator Login Page"
]
}
]
Source | Link |
---|---|
vuldb | www.vuldb.com/ |
github | www.github.com/chosir/exp/tree/main |
vuldb | www.vuldb.com/ |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo