CVE-2023-4928

SQL Injection in GitHub repository instantsoft/icms2 prior to 2.16.1.
Configurations

Configuration 1 (hide)

cpe:2.3:a:instantcms:icms2:*:*:*:*:*:*:*:*

History

15 Sep 2023, 13:29

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.2
CPE cpe:2.3:a:instantcms:icms2:*:*:*:*:*:*:*:*
References (MISC) https://github.com/instantsoft/icms2/commit/3a6b148fa2c943ee7647e0cd14bf68e026b15548 - (MISC) https://github.com/instantsoft/icms2/commit/3a6b148fa2c943ee7647e0cd14bf68e026b15548 - Patch
References (MISC) https://huntr.dev/bounties/cb72cc17-5a0d-4392-9a5f-a13aa773de9e - (MISC) https://huntr.dev/bounties/cb72cc17-5a0d-4392-9a5f-a13aa773de9e - Exploit, Patch, Third Party Advisory
First Time Instantcms
Instantcms icms2

13 Sep 2023, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-13 01:15

Updated : 2024-02-28 20:33


NVD link : CVE-2023-4928

Mitre link : CVE-2023-4928

CVE.ORG link : CVE-2023-4928


JSON object : View

Products Affected

instantcms

  • icms2
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')