CVE-2023-3687
Bylancer QuickVCard 2.1 contains a SQL injection in the GET Parameter Handler affecting the /blog endpoint, via manipulation of the argument s. This can be triggered remotely and results in unauthorized data access/modification (high impact per CVSS). The exact vulnerable code/path is not fully d...