CVE-2023-39806: SQL Injection
First published: Thu Aug 10 2023(Updated: )
iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| iCMS | =7.0.16 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for the SQL injection vulnerability in iCMS v7.0.16?
The vulnerability ID for the SQL injection vulnerability in iCMS v7.0.16 is CVE-2023-39806.
What is the severity rating of CVE-2023-39806?
CVE-2023-39806 has a severity rating of 9.8 (Critical).
How does the SQL injection vulnerability in iCMS v7.0.16 occur?
The SQL injection vulnerability in iCMS v7.0.16 occurs via the bakupdata function.
Which version of iCMS is affected by the SQL injection vulnerability?
The SQL injection vulnerability affects iCMS version 7.0.16.
How can the SQL injection vulnerability in iCMS v7.0.16 be fixed?
To fix the SQL injection vulnerability in iCMS v7.0.16, it is recommended to update to a patched version provided by Idreamsoft.
- agent/author
- agent/type
- agent/references
- agent/weakness
- agent/severity
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/idreamsoft
- canonical/icms
- version/icms/7.0.16