Thinking Software Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database.
History

Thu, 12 Dec 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: twcert

Published: 2023-06-16T00:00:00

Updated: 2024-12-12T17:07:08.695Z

Reserved: 2023-05-15T00:00:00

Link: CVE-2023-32754

cve-icon Vulnrichment

Updated: 2024-08-02T15:25:36.870Z

cve-icon NVD

Status : Modified

Published: 2023-06-16T04:15:13.947

Modified: 2024-11-21T08:03:58.823

Link: CVE-2023-32754

cve-icon Redhat

No data.