CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Powerstonegh: >> Affiliate Me Security Vulnerabilities

CVE-2023-53917

Affiliate Me version 5.0.1 contains a SQL injection vulnerability in the admin.php endpoint that allows authenticated administrators to manipulate database queries. Attackers can exploit the 'id' parameter with crafted union-based queries to extract sensitive user information including usernames and password hashes.

CVSS Score

6.5

EPSS Score

0.0

Published

2025-12-17

Page 1

Vulnerabilities

Vulnerable Software

Powerstonegh: >> Affiliate Me Security Vulnerabilities

Products

Pricing

Contact Us