2 matches found
CVE-2023-33367
A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated attackers to write PHP files on the server's root directory, resulting in remote code execution...
CVE-2023-33367
Control ID IDSecure versions 4.7.26.0 and prior are affected by a SQL injection vulnerability. The flaw allows unauthenticated attackers to write PHP files on the server’s root directory, enabling remote code execution. This is rooted in input handling in IDSecure leading to arbitrary file writes...