Vulnerability Details : CVE-2023-39848
** DISPUTED ** DVWA v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at blind\source\high.php. NOTE: this is disputed by multiple third parties who report that the only role of DVWA is to intentionally implement vulnerabilities for learning purposes; it is never employed for delivering services or functionality to end users.
Vulnerability category: Sql Injection
Products affected by CVE-2023-39848
We don't have affected product information for this CVE yet
Exploit prediction scoring system (EPSS) score for CVE-2023-39848
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 7 %
Percentile, the proportion of vulnerabilities that are scored at or less
References for CVE-2023-39848
-
https://github.com/KLSEHB/vulnerability-report/blob/main/Dvwa_CVE-2023-39848
vulnerability-report/Dvwa_CVE-2023-39848 at main · KLSEHB/vulnerability-report · GitHub
-
https://github.com/digininja/DVWA
GitHub - digininja/DVWA: Damn Vulnerable Web Application (DVWA)
Jump to