SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated attacker to execute arbitrary code via the DB_RECORD_TABLE parameter.
References
Link | Resource |
---|---|
https://forum.wbce.org/viewtopic.php?pid=42046#p42046 | Issue Tracking |
https://github.com/WBCE/WBCE_CMS/releases/tag/1.6.1 | Release Notes |
https://pastebin.com/PBw5AvGp | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-11-10T00:00:00
Updated: 2023-11-10T05:24:39.298899
Reserved: 2023-08-07T00:00:00
Link: CVE-2023-39796
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-11-10T06:15:30.410
Modified: 2023-11-16T19:20:34.407
Link: CVE-2023-39796
JSON object: View
Redhat Information
No data.
CWE