Security Advisory

CVE-2023-53917

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-17 22:46:25

Last updated 2026-04-07 14:07:40

Assigner VulnCheck

State PUBLISHED

Description

Affiliate Me version 5.0.1 contains a SQL injection vulnerability in the admin.php endpoint that allows authenticated administrators to manipulate database queries. Attackers can exploit the id parameter with crafted union-based queries to extract sensitive user information including usernames and password hashes.

← Browse all CVEs View on cve.org ↗