CVE-2023-4675

Published Dec 29, 2023

Last updated 10 months ago

Overview

Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GM Information Technologies MDO allows SQL Injection.This issue affects MDO: through 20231229.  NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Source
iletisim@usom.gov.tr
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

iletisim@usom.gov.tr
CWE-89

Social media

Hype score
Not currently trending

Configurations