Headline
CVE-2023-43013: Asset Management System v1.0 - Unauthenticated SQL Injection (SQLi) | Advisories | Fluid Attacks
Asset Management System v1.0 is vulnerable to an
unauthenticated SQL Injection vulnerability on the
‘email’ parameter of index.php page, allowing an
external attacker to dump all the contents of the
database contents and bypass the login control.
Hacking software for over 20 years
Fluid Attacks tests applications and other systems, covering all software development stages. Our team assists clients in quickly identifying and managing vulnerabilities to reduce the risk of incidents and deploy secure technology.