What the vulnerability does
01Description
Unauthenticated SQL Injection in GeekyBot <= 1.2.5 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
What the vulnerability does
Unauthenticated SQL Injection in GeekyBot <= 1.2.5 versions.
Explanation of Vulnerability in Simple Terms
GeekyBot versions up to 1.2.5 contain a SQL injection vulnerability in an unspecified component. An attacker on the network can craft malicious input to read sensitive data from the database without authentication. The vulnerability also allows limited disruption of service availability.
What an attacker can do
Read sensitive data from the database and cause partial service disruption.
Potential impact on your site
Database contents may be exposed; service availability may be degraded.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities