2 matches found
CVE-2023-39853
SQL Injection vulnerability in Dzzoffice version 2.01, allows remote attackers to obtain sensitive information via the doobj and doevent parameters in the Network Disk backend module...
CVE-2023-39853
CVE-2023-39853 affects Dzzoffice 2.01. A SQL injection vulnerability exists in the Network Disk backend module, exploitable via the doobj and doevent parameters to leak or access sensitive information. The NVD/CNA metrics indicate network access with low attack complexity and minimal privileges r...