Lucene search

[email protected]NVD:CVE-2023-39551

HistoryAug 04, 2023 - 7:15 p.m.

CVE-2023-39551

2023-08-0419:15:10

CWE-89

[email protected]

web.nvd.nist.gov

phpgurukul

security guards

sql injection

vulnerability

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

44.3%

JSON

PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.

Affected configurations

Nvd

Node

phpgurukulonline_security_guards_hiring_systemMatch1.0

VendorProductVersionCPE
phpgurukulonline_security_guards_hiring_system1.0cpe:2.3:a:phpgurukul:online_security_guards_hiring_system:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpgurukul	online_security_guards_hiring_system	1.0	cpe:2.3:a:phpgurukul:online_security_guards_hiring_system:1.0:::::::*

References

github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.md

nvd.nist.gov/vuln/detail/CVE-2023-39551

www.chtsecurity.com/news/0dbe8e1d-0a6c-4604-9cf1-778ddc86a8c1

www.chtsecurity.com/news/285b9375-ba65-4f61-a02a-a575337dc86c

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

44.3%

JSON

Related for NVD:CVE-2023-39551

cvelist1 cnvd1 cve1 prion1