CVE-2023-49764

CWE-89 — SQL Injection3 documents3 sources

Severity

7.2HIGH

EPSS

0.1%

top 65.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Younes Jfr. Advanced Database Cleaner Sigmaplugin Advanced Database Cleaner

Timeline

PublishedDec 19

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Younes JFR. Advanced Database Cleaner.This issue affects Advanced Database Cleaner: from n/a through 3.1.2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:LExploitability: 2.3 | Impact: 4.7

Affected Packages2 packages

▶CVEListV5younes_jfr./advanced_database_cleanern/a — 3.1.2

▶NVDsigmaplugin/advanced_database_cleaner3.1.2

🔴Vulnerability Details

GHSA

GHSA-c9rr-75hh-4hj4: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Younes JFR↗2023-12-19

▶

CVEList

WordPress Advanced Database Cleaner Plugin <= 3.1.2 is vulnerable to SQL Injection↗2023-12-19

▶