CVE-2023-39853

Description

SQL Injection vulnerability in Dzzoffice version 2.01, allows remote attackers to obtain sensitive information via the doobj and doevent parameters in the Network Disk backend module.

CVSS Version 3.1

nvd
CVE ID: CVE-2023-39853
Base Score: 6.5
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 2.8

Refrence: NVD

Description​

Description