admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-12 16:23:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2023/6xxx/CVE-2023-6035.json
CVE Team 7dcd6b56ea
"-Synchronized-Data."
2023-12-11 20:00:32 +00:00

80 lines
2.4 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-6035",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The EazyDocs WordPress plugin before 2.3.4 does not properly sanitize and escape \"data\" parameter before using it in an SQL statement via an AJAX action, which could allow any authenticated users, such as subscribers, to perform SQL Injection attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "EazyDocs",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.3.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/44f5a29a-05f9-40d2-80f2-6fb2bda60d79",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/44f5a29a-05f9-40d2-80f2-6fb2bda60d79"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Dao Xuan Hieu"
},
{
"lang": "en",
"value": "WPScan"
}
]
}
Reference in New Issue View Git Blame Copy Permalink