SQL Injection Vulnerability in Emlog 2.1.9 by Safe-B
CVE-2023-39121

7.2HIGH

Key Information:

Vendor: Emlog
Status: Emlog
Vendor: CVE Published:; 3 August 2023

What is CVE-2023-39121?

Emlog version 2.1.9 contains a SQL injection vulnerability in the /admin/user.php component, which could allow an attacker to manipulate database queries. This flaw may lead to unauthorized access to sensitive information within the application. Proper validation and sanitization of user input are crucial to mitigate this vulnerability and protect the integrity of the system.

References

https://github.com/safe-b/CVE/issues/1#issue-1817133689

https://github.com/safe-b/CVE/issues/1

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 3, 2023
Vulnerability Reserved
Jul 25, 2023