CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-48395

Kaifa Technology WebITR is an online attendance system, it has insufficient validation for user input within a special function. A remote attacker with regular user privilege can exploit this vulnerability to inject arbitrary SQL commands to read database.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.8%

CVSS Severity

CVSS v3 Score 6.5

References

https://www.twcert.org.tw/tw/cp-132-7625-a0b9c-1.html
https://www.twcert.org.tw/tw/cp-132-7625-a0b9c-1.html

Products affected by CVE-2023-48395

Kaifa » Webitr Attendance System » Version: 2.1.0.23

cpe:2.3:a:kaifa:webitr_attendance_system:2.1.0.23

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-48395

Products

Pricing

Contact Us