CVE-2023-39853

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-39853
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-39853.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-39853
Published
2024-01-06T04:15:08.863Z
Modified
2026-03-14T12:08:37.917743Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

SQL Injection vulnerability in Dzzoffice version 2.01, allows remote attackers to obtain sensitive information via the doobj and doevent parameters in the Network Disk backend module.

References

Affected packages

Git / github.com/zyx0814/dzzoffice

Affected ranges

Type
GIT
Repo
https://github.com/zyx0814/dzzoffice
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
137d3cc3a35d5aca0c5b830f644e8c723493c463
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.01"
        }
    ]
}

Affected versions

1.*
1.3.1
2.*
2.01
2.0beta

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-39853.json"