VYPR
Medium severity5.4NVD Advisory· Published Dec 18, 2025· Updated Apr 15, 2026

CVE-2023-53935

CVE-2023-53935

Description

WBiz Desk 1.2 contains a SQL injection vulnerability that allows non-admin users to manipulate database queries through the 'tk' parameter in ticket.php. Attackers can inject crafted SQL statements using UNION-based techniques to extract sensitive database information by sending malformed requests to the ticket endpoint.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.

CVE-2023-53935 · Medium · VYPR