exploitDog

CVE-2023-53926

Опубликовано: 17 дек. 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers to manipulate database queries. Attackers can inject crafted SQL payloads through the 'column' parameter in the index.php endpoint to potentially extract or modify database information.

Ссылки

https://www.exploit-db.com/exploits/51416
Exploit
Third Party Advisory
VDB Entry
https://www.phpjabbers.com/faq.php
Product
https://www.vulncheck.com/advisories/phpjabbers-simple-cms-sql-injection-via-column-parameter
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpjabbers:simple_cms:5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00253

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-mpqr-qwwp-p8mx

CVSS3: 9.8

github

около 2 месяцев назад

PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers to manipulate database queries. Attackers can inject crafted SQL payloads through the 'column' parameter in the index.php endpoint to potentially extract or modify database information.

EPSS

Процентиль: 48%

0.00253

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89