CVE-2023-53917

Publication date

2025-12-17 22:46:25

Family

VulnCheck

State

PUBLISHED

Description

Affiliate Me version 5.0.1 contains a SQL injection vulnerability in the admin.php endpoint that allows authenticated administrators to manipulate database queries. Attackers can exploit the id parameter with crafted union-based queries to extract sensitive user information including usernames and password hashes.