GHSA-jjf4-959w-f545

Suggest an improvement
Source
https://github.com/advisories/GHSA-jjf4-959w-f545
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/03/GHSA-jjf4-959w-f545/GHSA-jjf4-959w-f545.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-jjf4-959w-f545
Aliases
  • CVE-2023-47438
Published
2024-03-28T00:31:37Z
Modified
2024-09-04T20:42:39.214846Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
  • 7.1 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
SQL Injection vulnerability in Reportico Till
Details

SQL Injection vulnerability in Reportico Till 8.1.0 allows attackers to obtain sensitive information or other system information via the project parameter.

References

Affected packages

Packagist / reportico-web/reportico

Package

Name
reportico-web/reportico
Purl
pkg:composer/reportico-web/reportico

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
8.1.0

Affected versions

4.*

4.6

6.*

6.0.0
6.0.1
6.0.2
6.0.3
6.0.4
6.0.5
6.0.6
6.0.7
6.0.8
6.0.9
6.0.10
6.0.11
6.0.12
6.0.13
6.0.14
6.0.15
6.0.16

7.*

7.0.1-alpha
7.0.2-alpha
7.0.3-alpha
7.0.4-alpha
7.0.5-alpha
7.0.6-alpha
7.0.7-alpha
7.0.8-alpha
7.0.9-alpha
7.0.10-alpha
7.1.0-alpha
7.1.1-alpha
7.1.2-alpha
7.1.3-alpha
7.1.4-alpha
7.1.5-alpha
7.1.6-alpha
7.1.7-alpha
7.1.8-alpha
7.1.9-alpha
7.1.10-alpha
7.1.11-alpha
7.1.12-alpha
7.1.13-alpha
7.1.14-alpha
7.1.15-alpha
7.1.16-alpha
7.1.17-alpha
7.1.18-alpha
7.1.19-beta
7.1.20-beta
7.1.21-beta
7.1.22-beta
7.1.23-beta
7.1.24-beta
7.1.25-beta
7.1.26-beta
7.1.27-beta
7.1.28-beta
7.1.29-beta
7.1.30-beta
7.1.31-beta
7.1.32-beta
7.1.33-beta
7.1.34-beta
7.1.35-beta
7.1.36-beta
7.1.37-beta
7.1.38-beta
7.1.39-beta
7.1.40-beta
7.1.41-beta
7.1.42-beta

8.*

8.0.1
8.0.2
8.0.3
8.1.0