CVE-2023-3687

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
16/07/2023
Last modified:
17/05/2024

Description

A vulnerability was found in Bylancer QuickVCard 2.1. It has been rated as critical. This issue affects some unknown processing of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack may be initiated remotely. The identifier VDB-234233 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:bylancer:quickvcard:2.1:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools