Filtered by vendor Powerstonegh
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-53917 | 1 Powerstonegh | 1 Affiliate Me | 2025-12-18 | 6.5 Medium |
| Affiliate Me version 5.0.1 contains a SQL injection vulnerability in the admin.php endpoint that allows authenticated administrators to manipulate database queries. Attackers can exploit the 'id' parameter with crafted union-based queries to extract sensitive user information including usernames and password hashes. | ||||
Page 1 of 1.