CVE-2023-41636

2023-08-3100:00:00

mitre

www.cve.org

sql injection

grupposcai realgimm

data richiesta dal parameter

cve-2023-41636

database access

arbitrary commands

EPSS

0.001

Percentile

46.5%

JSON

A SQL injection vulnerability in the Data Richiesta dal parameter of GruppoSCAI RealGimm v1.1.37p38 allows attackers to access the database and execute arbitrary commands via a crafted SQL query.

References

github.com/CapgeminiCisRedTeam/Disclosure/blob/f7aafa9fcd4efa30071c7f77d3e9e6b14e92302b/CVE%20PoC/CVE-2023-41636%20%7C%20RealGimm%20-%20SQL%20Injection%281%29.md

github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20-%20SQL%20Injection%281%29.md

EPSS

0.001

Percentile

46.5%

JSON

Related for CVELIST:CVE-2023-41636