Vulnerability Details CVE-2023-48050
SQL injection vulnerability in Cams Biometrics Zkteco, eSSL, Cams Biometrics Integration Module with HR Attendance (aka odoo-biometric-attendance) v. 13.0 through 16.0.1 allows a remote attacker to execute arbitrary code and to gain privileges via the db parameter in the controllers/controllers.py component.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.027
EPSS Ranking 85.1%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-48050
-
_cams_biometrics_integration_module:13.0
-
_cams_biometrics_integration_module:16.0.1
-
_essl
-
cpe:2.3:a:camsbiometrics:zkteco
-
cpe:2.3:a:odoo:biometric_attendance:13.0
-
cpe:2.3:a:odoo:biometric_attendance:14.0
-
cpe:2.3:a:odoo:biometric_attendance:15.0
-
cpe:2.3:a:odoo:biometric_attendance:16.0
-
cpe:2.3:a:odoo:biometric_attendance:16.0.1