CVE-2023-4034

SQLi in Smartrise Document Management System

CVSS 9.8 CRITICALEPSS 0.5%CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digita Information Technology Smartrise Document Management System allows SQL Injection. This issue affects Smartrise Document Management System: before Hvl-2.0.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Digita Information Technology · Smartrise Document Management System

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0494 https://www.usom.gov.tr/bildirim/tr-23-0494