CVE-2023-1198

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saysis Starcities allows SQL Injection. This issue affects Starcities: through 1.3.

critical 9.8 CVSS 3.1
Published: Mar 10, 2023
Modified: Jun 1, 2026
Vendor: Saysis
Product: Starcities

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saysis Starcities allows SQL Injection.

This issue affects Starcities: through 1.3.

References

Related CVEs

CVE-2023-1246 high · 7.5
Files or Directories Accessible to External Parties vulnerability in Saysis Starcities allows Collect Data from Common Resource Locations. This issue affects Starcities: through 1
CVE-2022-2178 medium · 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saysis Computer Starcities allows Cross-Site Scripting (XSS). This issue affe