CVE-2023-7145

🗓️ 29 Dec 2023 01:31:04Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 49 Views🌐 WEB

A critical SQL injection vulnerability found in gopeak MasterLab up to 3.3.10

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2023-7145	29 Dec 202303:26	–	circl
CNNVD	Sven gopeak masterlab SQL Injection Vulnerability	29 Dec 202300:00	–	cnnvd
Cvelist	CVE-2023-7145 gopeak MasterLab HTTP POST Request Framework.php sqlInject sql injection	29 Dec 202301:31	–	cvelist
EUVD	EUVD-2023-59328	3 Oct 202520:07	–	euvd
NVD	CVE-2023-7145	29 Dec 202302:15	–	nvd
Prion	Sql injection	29 Dec 202302:15	–	prion
Positive Technologies	PT-2023-32906 · Unknown · Gopeak Masterlab	28 Dec 202300:00	–	ptsecurity

NVD

Vulners

Node

masterlab masterlabRange≤3.3.10

[
  {
    "vendor": "gopeak",
    "product": "MasterLab",
    "versions": [
      {
        "version": "3.3.0",
        "status": "affected"
      },
      {
        "version": "3.3.1",
        "status": "affected"
      },
      {
        "version": "3.3.2",
        "status": "affected"
      },
      {
        "version": "3.3.3",
        "status": "affected"
      },
      {
        "version": "3.3.4",
        "status": "affected"
      },
      {
        "version": "3.3.5",
        "status": "affected"
      },
      {
        "version": "3.3.6",
        "status": "affected"
      },
      {
        "version": "3.3.7",
        "status": "affected"
      },
      {
        "version": "3.3.8",
        "status": "affected"
      },
      {
        "version": "3.3.9",
        "status": "affected"
      },
      {
        "version": "3.3.10",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP POST Request Handler"
    ]
  }
]

Source	Link
note	www.note.zhaoj.in/share/LEbo1ypfzfQh
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

Parameter	Position	Path	Description	CWE
pwd	request body	app/ctrl/Framework.php	SQL injection in Framework.php function sqlInject via pwd parameter	CWE-89

21 Nov 2024 08:45Current

8.3High risk

Vulners AI Score8.3

CVSS 3.16.3 - 9.8

CVSS 25.8

CVSS 36.3

EPSS0.00111

CWE-89