CVE-2023-6647
A vulnerability, which was classified as critical, has been found in AMTT HiBOS 1.0. Affected by this issue is some unknown functionality. The manipulation of the argument Type leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-247340. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Published
2023-12-10T07:15:44.100
Last Modified
2024-11-21T08:44:16.793
Status
Modified
Source
[email protected]
Severity
CVSSv3.1: 7.3 (HIGH)
CVSSv2 Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
- Access Vector: NETWORK
- Access Complexity: LOW
- Authentication: NONE
- Confidentiality Impact: PARTIAL
- Integrity Impact: PARTIAL
- Availability Impact: PARTIAL
Exploitability Score
10.0
Impact Score
6.4
Weaknesses
Affected Vendors & Products
| Type |
Vendor |
Product |
Version/Range |
Vulnerable? |
| Application |
amttgroup
|
hibos
|
1.0 |
Yes
|
References
-
https://github.com/gatsby2003/Sqlinjection/blob/main/sql.md
Exploit, Third Party Advisory
([email protected])
-
https://vuldb.com/?ctiid.247340
Permissions Required, Third Party Advisory, VDB Entry
([email protected])
-
https://vuldb.com/?id.247340
Permissions Required, Third Party Advisory, VDB Entry
([email protected])
-
https://github.com/gatsby2003/Sqlinjection/blob/main/sql.md
Exploit, Third Party Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://vuldb.com/?ctiid.247340
Permissions Required, Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)
-
https://vuldb.com/?id.247340
Permissions Required, Third Party Advisory, VDB Entry
(af854a3a-2127-422b-91ae-364da2661108)