CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-48050
https://notcve.org/view.php?id=CVE-2023-48050
SQL injection vulnerability in Cams Biometrics Zkteco, eSSL, Cams Biometrics Integration Module with HR Attendance (aka odoo-biometric-attendance) v. 13.0 through 16.0.1 allows a remote attacker to execute arbitrary code and to gain privileges via the db parameter in the controllers/controllers.py component. Vulnerabilidad de inyección SQL en Cams Biometrics Zkteco, eSSL, Cams Biometrics Integration Module with HR Attendance (también conocido como odoo-biometric-attendance) v. 13.0 a 16.0.1 permite a un atacante remoto ejecutar código arbitrario y obtener privilegios a través del parámetro db en el componente controllers/controllers.py. • https://github.com/luvsn/OdZoo/tree/main/exploits/odoo-biometric-attendance • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •