Vulnerability Details : CVE-2023-39849
** DISPUTED ** Pikachu v1.0 was discovered to contain a SQL injection vulnerability via the $username parameter at \inc\function.php. NOTE: this is disputed by multiple third parties who report that the only role of Pikachu is to intentionally implement vulnerabilities for learning purposes; it is never employed for delivering services or functionality to end users.
Vulnerability category: Sql Injection
Products affected by CVE-2023-39849
We don't have affected product information for this CVE yet
Exploit prediction scoring system (EPSS) score for CVE-2023-39849
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 7 %
Percentile, the proportion of vulnerabilities that are scored at or less
References for CVE-2023-39849
-
https://github.com/zhuifengshaonianhanlu/pikachu/blob/master/README.md
pikachu/README.md at master · zhuifengshaonianhanlu/pikachu · GitHub
-
https://github.com/KLSEHB/vulnerability-report/blob/main/Pikachu_CVE-2023-39849
vulnerability-report/Pikachu_CVE-2023-39849 at main · KLSEHB/vulnerability-report · GitHub
-
https://github.com/zhuifengshaonianhanlu/pikachu
GitHub - zhuifengshaonianhanlu/pikachu: 一个好玩的Web安全-漏洞测试平台
Jump to