VulnerAlert



DATABASE
17-12-2025 23:54

CVE-2023-53917 Vulnerabilidad documentada

Sin puntuación
Tags
#sql injection
#sql
#injection
#exploit
#data
#php
#form
#admin
#database
#vulnerability
#/sql(.*)injection/iU
#attackers
#authenticated
#pass
#password
#manipulate
#inject
#allow
#attack
Descripción
Affiliate Me version 5.0.1 contains a SQL injection vulnerability in the admin.php endpoint that allows authenticated administrators to manipulate database queries. Attackers can exploit 'id' parameter with crafted union-based queries extract sensitive user information including usernames and password hashes.
https://www.exploit-db.com/exploits/51468
https://www.powerstonegh.com/
https://www.vulncheck.com/advisories/affiliate-me-sql-injection-vulnerability-via-admin-panel
Referencia
Link externo
Ver detalles

Fuente
https://nvd.nist.gov/vuln/detail/CVE-2023-53917
Resultados similares
Coincidentes en almenos en 50% de los tags
18-12-2025 CVE-2025-14364
The Demo Importer Plus plugin for WordPress is vulnerable to unauthorized modification of data,...
Ver información
18-12-2025 CVE-2025-64231
Unrestricted Upload of File with Dangerous Type vulnerability in RedefiningTheWeb WordPress Con...
Ver información
Icons made by Freepik from www.flaticon.com
Este Proyecto fue cofinanciado por el Consejo Nacional de Ciencia y Tecnología (CONACYT) a través del PROINNOVA 2021/2023
Proyecto realizado por