exploitDog

GHSA-2h57-3xqf-9v5f

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in default.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-5220.

SQL injection vulnerability in default.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-5220.

Ссылки

EPSS

Процентиль: 53%

0.00308

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2008-6875

nvd

больше 16 лет назад

SQL injection vulnerability in default.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-5220.

EPSS

Процентиль: 53%

0.00308

Низкий

CVE ID

Дефекты

CWE-89