admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-39980.md

18 lines
978 B
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2023-39980](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39980)
![](https://img.shields.io/static/v1?label=Product&message=MXsecurity%20Series&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=1.0%3C%3D%201.0.1%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%3A%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
### Description
A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. This vulnerability arises when special elements are not neutralized correctly, allowing remote attackers to alter SQL commands.
### POC
#### Reference
- https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities
#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
Reference in New Issue Copy Permalink