CVE-2023-27074
published 2023-03-14CVE-2023-27074: BP Monitoring Management System v1.0 was discovered to contain a SQL injection vulnerability via the emailid parameter in the login page.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
BP Monitoring Management System v1.0 was discovered to contain a SQL injection vulnerability via the emailid parameter in the login page.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | >= 0 < 4.4.0-272.306 | 4.4.0-272.306 |
| linux | linux_kernel | >= 0 < 4.15.0-241.253 | 4.15.0-241.253 |
| phpgurukul | bp_monitoring_management_system | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv5.5MEDIUM