CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-44025

SQL injection vulnerability in addify Addifyfreegifts v.1.0.2 and before allows a remote attacker to execute arbitrary code via a crafted script to the getrulebyid function in the AddifyfreegiftsModel.php component.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.026

EPSS Ranking 85.0%

CVSS Severity

CVSS v3 Score 9.8

References

https://security.friendsofpresta.org/modules/2023/10/31/addifyfreegifts.html
https://security.friendsofpresta.org/modules/2023/10/31/addifyfreegifts.html

Products affected by CVE-2023-44025

Addify » Free Gifts » Version: N/A

cpe:2.3:a:addify:free_gifts:-
Addify » Free Gifts » Version: 1.0.2

cpe:2.3:a:addify:free_gifts:1.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-44025

Products

Pricing

Contact Us