CVE-2023-4974
Published: 15 September 2023
Summary
CVE-2023-4974 is a medium-severity SQL Injection (CWE-89) vulnerability in Creativeitem Academy Lms. Its CVSS base score is 6.3 (Medium).
Operationally, it ranks in the top 2.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Deeper analysis
CVE-2023-4974 is a SQL injection vulnerability rated critical in Academy LMS version 6.2. It resides in the GET parameter handler of the /academy/tutor/filter endpoint, where unsanitized manipulation of the price_min and price_max arguments allows arbitrary SQL commands to be injected into backend queries.
An attacker with low-privileged but authenticated access can launch the attack remotely over the network. Successful exploitation has limited impact on confidentiality, integrity and availability within the affected database context, consistent with the CVSS 6.3 vector, which requires no user interaction and assumes a single security scope.
Public references consist of a Packet Storm proof-of-concept and multiple VulDB entries; the vendor was notified prior to disclosure but issued no response or patch. The associated EPSS score reached a peak of 0.4795 after publication, indicating measurable post-disclosure exploitation interest that warrants monitoring.
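The weakness described above is the classic CWE-89 pattern: a numeric range filter built by concatenating the price_min and price_max GET parameters into SQL. The following is an added illustration, not Academy LMS's own code or schema (the courses table, the column names and the endpoint handler are hypothetical), showing the same filter written two ways: the naive concatenation that produces the bug, and a hardened version that validates both parameters as decimals and binds them as query parameters. It also includes a small log check that flags requests to the affected endpoint whose price parameters are not numeric, run over constructed access-log lines.

```python
import re
import sqlite3
from urllib.parse import urlsplit, parse_qs

# Constructed sample data: a tiny in-memory table standing in for the LMS
# course catalogue. This is not Academy LMS's real schema.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE courses (id INTEGER PRIMARY KEY, title TEXT, price REAL)")
    conn.executemany(
        "INSERT INTO courses (title, price) VALUES (?, ?)",
        [("Intro", 10.0), ("Advanced", 50.0), ("Masterclass", 120.0)],
    )
    return conn

def naive_filter_sql(price_min, price_max):
    # CWE-89 pattern: untrusted GET parameters concatenated straight into SQL.
    # Returned as a string only to show where the input lands; never execute it.
    return ("SELECT id, title, price FROM courses WHERE price >= "
            + str(price_min) + " AND price <= " + str(price_max))

# Allow-list for a price: up to seven integer digits, optional two decimals.
_DECIMAL = re.compile(r"\d{1,7}(\.\d{1,2})?")

def parse_price(raw, name):
    # Reject anything that is not a plain non-negative decimal before it
    # gets anywhere near the database.
    if raw is None or not _DECIMAL.fullmatch(raw.strip()):
        raise ValueError(f"{name} must be a non-negative decimal with at most two places")
    return float(raw)

def filter_courses(conn, price_min, price_max):
    # Hardened form: validated values bound as parameters, never interpolated.
    lo = parse_price(price_min, "price_min")
    hi = parse_price(price_max, "price_max")
    if lo > hi:
        raise ValueError("price_min must not exceed price_max")
    return conn.execute(
        "SELECT id, title, price FROM courses WHERE price >= ? AND price <= ? ORDER BY price",
        (lo, hi),
    ).fetchall()

# Constructed access-log lines (not real traffic) for the detection check.
SAMPLE_LOG = [
    '10.0.0.5 - - [15/Sep/2023:10:00:01 +0000] "GET /academy/tutor/filter?price_min=10&price_max=50 HTTP/1.1" 200 512',
    '10.0.0.9 - - [15/Sep/2023:10:00:07 +0000] "GET /academy/tutor/filter?price_min=1%20OR%201%3D1&price_max=100 HTTP/1.1" 200 9812',
    '10.0.0.5 - - [15/Sep/2023:10:00:09 +0000] "GET /academy/course/view?id=3 HTTP/1.1" 200 2048',
]

_REQ = re.compile(r'"GET (\S+) HTTP/')

def flag_bad_price_params(log_lines):
    # Flag requests to the affected endpoint whose price parameters fail the
    # same allow-list the handler enforces; a useful hunting query while a
    # vendor patch is unavailable.
    flagged = []
    for line in log_lines:
        m = _REQ.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if url.path != "/academy/tutor/filter":
            continue
        qs = parse_qs(url.query, keep_blank_values=True)
        for name in ("price_min", "price_max"):
            for value in qs.get(name, []):
                if not _DECIMAL.fullmatch(value.strip()):
                    flagged.append((name, value))
    return flagged

if __name__ == "__main__":
    db = make_db()
    print(filter_courses(db, "10", "50"))
    print(flag_bad_price_params(SAMPLE_LOG))
```

The allow-list validator is the important part: parameter binding alone stops the injection, but rejecting non-numeric input at the edge also gives you a clean signal for logging and alerting, and the same regular expression can drive a WAF rule or a SIEM search over web-server logs.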
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-54810
Vulnerability details
A vulnerability was found in Academy LMS 6.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /academy/tutor/filter of the component GET Parameter Handler. The manipulation of the argument price_min/price_max leads to sql injection. The attack may be launched remotely. VDB-239750 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
- CWE(s): CWE-89 (SQL Injection)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.