CVE-2018-7474

Опубликовано: 14 мар. 2018

Источник: debian

Описание

An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable "qty" on the page index.php.

Пакет	Статус	Версия исправления	Релиз	Тип
textpattern	removed			package

CVE-2018-7474

CVSS3: 9.8

nvd

почти 8 лет назад

An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable "qty" on the page index.php.

GHSA-5hg4-vfjp-6h7w

CVSS3: 9.8

github

больше 3 лет назад

An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable "qty" on the page index.php.