CVE-2023-22900

Efence login function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify or delete database.
References
Link Resource
https://www.twcert.org.tw/tw/cp-132-6885-d679e-1.html Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:thinkingsoftware:efence:1.2.58:db28:*:*:*:*:*:*

Information

Published : 2023-01-31 08:15

Updated : 2023-02-07 03:05


NVD link : CVE-2023-22900

Mitre link : CVE-2023-22900

Products Affected
No products.
CWE