CVE-2023-4034

Sažetak

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digita Information Technology Smartrise Document Management System allows SQL Injection. This issue affects Smartrise Document Management System: before Hvl-2.0.

Reference

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0494
https://www.usom.gov.tr/bildirim/tr-23-0494
https://www.usom.gov.tr/bildirim/tr-23-0494

CVSS

Base:	9.8
Impact:	5.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

21-05-2026 - 14:16

Objavljeno

05-09-2023 - 19:15