CVE-2023-6886

A vulnerability was found in xnx3 wangmarket 6.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Role Management Page. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248246 is the identifier assigned to this vulnerability.
References
Link Resource
https://github.com/xnx3/wangmarket/issues/8 Not Applicable
https://vuldb.com/?ctiid.248246 Permissions Required Third Party Advisory
https://vuldb.com/?id.248246 Third Party Advisory
https://github.com/xnx3/wangmarket/issues/8 Not Applicable
https://vuldb.com/?ctiid.248246 Permissions Required Third Party Advisory
https://vuldb.com/?id.248246 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:wang.market:wangmarket:6.1:*:*:*:*:*:*:*

History

21 Nov 2024, 08:44

Type Values Removed Values Added
CVSS v2 : 5.8
v3 : 9.8
v2 : 5.8
v3 : 4.7
References () https://github.com/xnx3/wangmarket/issues/8 - Not Applicable () https://github.com/xnx3/wangmarket/issues/8 - Not Applicable
References () https://vuldb.com/?ctiid.248246 - Permissions Required, Third Party Advisory () https://vuldb.com/?ctiid.248246 - Permissions Required, Third Party Advisory
References () https://vuldb.com/?id.248246 - Third Party Advisory () https://vuldb.com/?id.248246 - Third Party Advisory

20 Dec 2023, 20:41

Type Values Removed Values Added
References () https://github.com/xnx3/wangmarket/issues/8 - () https://github.com/xnx3/wangmarket/issues/8 - Not Applicable
References () https://vuldb.com/?ctiid.248246 - () https://vuldb.com/?ctiid.248246 - Permissions Required, Third Party Advisory
References () https://vuldb.com/?id.248246 - () https://vuldb.com/?id.248246 - Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CWE CWE-94
CPE cpe:2.3:a:wang.market:wangmarket:6.1:*:*:*:*:*:*:*

17 Dec 2023, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-17 01:15

Updated : 2024-11-21 08:44


NVD link : CVE-2023-6886

Mitre link : CVE-2023-6886

CVE.ORG link : CVE-2023-6886


JSON object : View

Products Affected

wang.market

  • wangmarket
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')