CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-26784

SQL Injection vulnerability found in Kirin Fortress Machine v.1.7-2020-0610 allows attackers to execute arbitrary code via the /admin.php?controller=admin_commonuser parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.2%

CVSS Severity

CVSS v3 Score 9.8

References

https://gist.github.com/yinfei6/b13e7527887ac0eb809fa0b6f36305e1
https://www.tosec.com.cn
https://gist.github.com/yinfei6/b13e7527887ac0eb809fa0b6f36305e1
https://www.tosec.com.cn

Products affected by CVE-2023-26784

Tosec » Kirin Fortress Machine » Version: 1.7-2020-0610

cpe:2.3:a:tosec:kirin_fortress_machine:1.7-2020-0610

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-26784

Products

Pricing

Contact Us