CVE-2023-23753

CVSS V2 None CVSS V3 None

Description

The 'Visforms Base Package for Joomla 3' extension is vulnerable to SQL Injection as concatenation is used to construct an SQL Query. An attacker can interact with the database and could be able to read, modify and delete data on it.

Overview

CVE ID
CVE-2023-23753

Assigner
security@joomla.org

Vulnerability Status
Received

Published Version
2023-04-23T21:15:06

Last Modified Date
2023-04-23T21:15:06

References

Reference URL	Reference Tags
https://blog.asturhackers.es/sql-injection-en-visforms-base-package-for-joomla-3-0-5-cve-2023-23753
https://vi-solutions.de/en/announcements/867-security-announcement-cve-2023-23754

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-23753
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23753

History

Created	Old Value	New Value	Data Type	Notes
2023-04-23 22:00:56				Added to TrackCVE