CVE-2023-45503
Description
SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via crafted payload to resetPassword, forgotPasswordProcess, saveUser, saveRole, deleteUser, deleteRole, deleteComment, deleteUser, allowComment, saveRole, forgotPasswordProcess, resetPassword, saveUser, addComment, saveRole, and saveUser endpoints.
NVD
Severity: N/A
CVE ID: CVE-2023-45503
CVSS Score: N/A
CVSS Metrics: NVD assessment not yet provided.
Proof Of Concept
ally-petitt
CVE-2023-45503 Reference
Refrence: GitHub