Filtered by vendor Powerstonegh
Subscribe
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-53917 | 1 Powerstonegh | 1 Affiliate Me | 2025-12-31 | N/A | 6.5 MEDIUM |
| Affiliate Me version 5.0.1 contains a SQL injection vulnerability in the admin.php endpoint that allows authenticated administrators to manipulate database queries. Attackers can exploit the 'id' parameter with crafted union-based queries to extract sensitive user information including usernames and password hashes. | |||||