4 matches found
CVE-2023-23634
SQL Injection vulnerability in Documize version 5.4.2, allows remote attackers to execute arbitrary code via the user parameter of the /api/dashboard/activity endpoint...
CVE-2023-23634
SQL Injection vulnerability in Documize version 5.4.2, allows remote attackers to execute arbitrary code via the user parameter of the /api/dashboard/activity endpoint...
CVE-2023-23634
CVE-2023-23634 affects Documize 5.4.2. A SQL injection vulnerability in the /api/dashboard/activity endpoint allows remote attackers to execute arbitrary code via the user parameter, with high impact (C, I, A all High) and CVSS 3.1 score 9.8. Affected component: the /api/dashboard/activity reques...
CVE-2023-23634
SQL Injection vulnerability in Documize version 5.4.2, allows remote attackers to execute arbitrary code via the user parameter of the /api/dashboard/activity endpoint...