Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/12/18 11:36 p.m.6 views

CVE-2023-53917

Affiliate Me version 5.0.1 contains a SQL injection vulnerability in the admin.php endpoint that allows authenticated administrators to manipulate database queries. Attackers can exploit the 'id' parameter with crafted union-based queries to extract sensitive user information including usernames...

8.7CVSS7.6AI score0.00307EPSS
Exploits1References1
OSV
OSV
added 2025/12/17 11:15 p.m.4 views

CVE-2023-53917

Affiliate Me version 5.0.1 contains a SQL injection vulnerability in the admin.php endpoint that allows authenticated administrators to manipulate database queries. Attackers can exploit the 'id' parameter with crafted union-based queries to extract sensitive user information including usernames...

8.7CVSS5.8AI score0.00307EPSS
Exploits1References3
NVD
NVD
added 2025/12/17 11:15 p.m.7 views

CVE-2023-53917

Affiliate Me version 5.0.1 contains a SQL injection vulnerability in the admin.php endpoint that allows authenticated administrators to manipulate database queries. Attackers can exploit the 'id' parameter with crafted union-based queries to extract sensitive user information including usernames...

8.7CVSS0.00307EPSS
Exploits1References3
CVE
CVE
added 2025/12/17 10:46 p.m.8 views

CVE-2023-53917

Affiliate Me 5.0.1 is affected by a SQL injection in the admin.php endpoint. The vulnerability arises from unsafely handling the id parameter, allowing authenticated administrators to craft union-based queries to extract sensitive data such as usernames and password hashes. Multiple connected sou...

8.7CVSS7.2AI score0.00307EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2025/12/17 10:46 p.m.21 views

CVE-2023-53917 Affiliate Me 5.0.1 SQL Injection Vulnerability via Admin Panel

Affiliate Me version 5.0.1 contains a SQL injection vulnerability in the admin.php endpoint that allows authenticated administrators to manipulate database queries. Attackers can exploit the 'id' parameter with crafted union-based queries to extract sensitive user information including usernames...

8.7CVSS0.00307EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/17 10:46 p.m.3 views

CVE-2023-53917 Affiliate Me 5.0.1 SQL Injection Vulnerability via Admin Panel

Affiliate Me version 5.0.1 contains a SQL injection vulnerability in the admin.php endpoint that allows authenticated administrators to manipulate database queries. Attackers can exploit the 'id' parameter with crafted union-based queries to extract sensitive user information including usernames...

8.7CVSS7.2AI score0.00307EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.5 views

Powerstone Affiliate Me SQL注入漏洞

Powerstone Affiliate Me is an affiliate marketing management system from Powerstone Ghana. A SQL injection vulnerability exists in Powerstone Affiliate Me version 5.0.1, which stems from improper manipulation of the admin.php endpoint id parameter, which could lead to a SQL injection attack...

8.7CVSS7.7AI score0.00307EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2023/05/23 12:0 a.m.237 views

Affiliate Me 5.0.1 SQL Injection

Exploit Title: Affiliate Me Version 5.0.1 - SQL Injection Exploit Date: May 16, 2023. CVSS 3.1: 6.4 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N Tactic: Initial Access TA0001 Technique: Exploit Public-Facing Application T1190 Application Name: Affiliate Me Application Version:...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/05/23 12:0 a.m.143 views

Affiliate Me Version 5.0.1 - SQL Injection Vulnerability

Exploit Title: Affiliate Me Version 5.0.1 - SQL Injection CVSS 3.1: 6.4 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N Tactic: Initial Access TA0001 Technique: Exploit Public-Facing Application T1190 Application Name: Affiliate Me Application Version: 5.0.1 Vendor:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.239 views

Affiliate Me Version 5.0.1 - SQL Injection

Exploit Title: Affiliate Me Version 5.0.1 - SQL Injection Exploit Date: May 16, 2023. CVSS 3.1: 6.4 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N Tactic: Initial Access TA0001 Technique: Exploit Public-Facing Application T1190 Application Name: Affiliate Me Application Version:...

7.4AI score
Exploits0
Rows per page
Query Builder