CVE-2023-43836: SQL Injection
First published: Mon Oct 02 2023(Updated: )
There is a SQL injection vulnerability in the Jizhicms 2.4.9 backend, which users can use to obtain database information
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jizhicms Jizhicms | =2.4.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-43836?
The severity of CVE-2023-43836 is medium with a severity value of 6.5.
How can users exploit the SQL injection vulnerability in Jizhicms 2.4.9 backend?
Users can exploit the SQL injection vulnerability in Jizhicms 2.4.9 backend to obtain database information.
Which version of Jizhicms is affected by CVE-2023-43836?
Jizhicms version 2.4.9 is affected by CVE-2023-43836.
Is there a fix available for CVE-2023-43836?
It is recommended to update Jizhicms to a version that is not affected by CVE-2023-43836.
Where can I find more information about CVE-2023-43836?
You can find more information about CVE-2023-43836 on the GitHub repository and Gist provided in the references.
- collector/nvd-api
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/jizhicms
- canonical/jizhicms jizhicms
- version/jizhicms jizhicms/2.4.9