{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-01T23:51:08.169","vulnerabilities":[{"cve":{"id":"CVE-2023-49641","sourceIdentifier":"help@fluidattacks.com","published":"2025-05-13T00:15:17.770","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the loginCheck.php resource does not validate the characters received and they are sent unfiltered to the database."},{"lang":"es","value":"Billing Software v1.0 es vulnerable a múltiples vulnerabilidades de inyección SQL no autenticada. El parámetro \"username\" del recurso loginCheck.php no valida los caracteres recibidos y estos se envían sin filtrar a la base de datos."}],"metrics":{"cvssMetricV31":[{"source":"help@fluidattacks.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"help@fluidattacks.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://fluidattacks.com/advisories/zimerman/","source":"help@fluidattacks.com"},{"url":"https://www.kashipara.com/","source":"help@fluidattacks.com"}]}}]}