CVE-2023-45503

Description

SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via crafted payload to resetPassword, forgotPasswordProcess, saveUser, saveRole, deleteUser, deleteRole, deleteComment, deleteUser, allowComment, saveRole, forgotPasswordProcess, resetPassword, saveUser, addComment, saveRole, and saveUser endpoints.

NVD
Severity: N/A
CVE ID: CVE-2023-45503
CVSS Score: N/A
CVSS Metrics: NVD assessment not yet provided.

Refrence: NVD MITRE

Proof Of Concept

ally-petitt

CVE-2023-45503 Reference

Refrence: GitHub

Description​

Proof Of Concept​

Description

Proof Of Concept