Описание
Kohana through 3.3.6 has SQL Injection when the order_by() parameter can be controlled.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libkohana2-php | removed | package | ||
| libkohana2-php | not-affected | jessie | package |
Примечания
https://github.com/huzr2018/orderby_SQLi/tree/master/kohana
https://github.com/koseven/koseven/issues/323
EPSS
Процентиль: 92%
0.0841
Низкий
Связанные уязвимости
CVSS3: 9.8
ubuntu
почти 7 лет назад
Kohana through 3.3.6 has SQL Injection when the order_by() parameter can be controlled.
CVSS3: 9.8
nvd
почти 7 лет назад
Kohana through 3.3.6 has SQL Injection when the order_by() parameter can be controlled.
CVSS3: 9.8
github
больше 3 лет назад
Kohana through 3.3.6 has SQL Injection when the order_by() parameter can be controlled.
EPSS
Процентиль: 92%
0.0841
Низкий