Lucene search
HistorySep 25, 2023 - 9:15 p.m.
CVE-2023-43132
vmqphp
sql injection
vulnerability
remote users
administrator password
cve-43132
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
32.9%
szvone vmqphp <=1.13 is vulnerable to SQL Injection. Unauthorized remote users can use sql injection attacks to obtain the hash of the administrator password.
Affected configurations
Node
szvonevmqphpRange≤1.13
Related
vulnrichment
vulnrichment
CVE-2023-43132
2023-09-25 00:00:00
cve
cve
CVE-2023-43132
2023-09-25 21:15:16
prion
prion
Sql injection
2023-09-25 21:15:00
cvelist
cvelist
CVE-2023-43132
2023-09-25 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
32.9%
Related for NVD:CVE-2023-43132