Lucene search

MitreVULNRICHMENT:CVE-2023-38912

HistorySep 14, 2023 - 12:00 a.m.

CVE-2023-38912

2023-09-1400:00:00

mitre

github.com

sql injection

super store finder

php script

remote attacker

arbitrary code

crafted payload

username parameter

AI Score

8.6

Confidence

Low

SSVC

Exploitation

poc

Automatable

yes

Technical Impact

total

JSON

SQL injection vulnerability in Super Store Finder PHP Script v.3.6 allows a remote attacker to execute arbitrary code via a crafted payload to the username parameter.

References

codecanyon.net/item/super-store-finder/3630922

packetstormsecurity.com/files/173302/Super-Store-Finder-PHP-Script-3.6-SQL-Injection.html