exploitDog

GHSA-24q9-34wm-r8c7

Опубликовано: 14 авг. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents.

Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents.

Ссылки

EPSS

Процентиль: 75%

0.009

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2024-7731

CVSS3: 9.8

nvd

12 месяцев назад

Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents.

EPSS

Процентиль: 75%

0.009

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89