CVE-2023-49548

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
05/03/2024
Last modified:
28/03/2025

Description

Customer Support System v1 was discovered to contain a SQL injection vulnerability via the lastname parameter at /customer_support/ajax.php?action=save_user.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:oretnom23:customer_support_system:1.0:*:*:*:*:*:*:*