exploitDog

GHSA-2qxj-9jmr-f734

Опубликовано: 25 янв. 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter.

SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter.

Ссылки

EPSS

Процентиль: 93%

0.11163

Средний

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2021-40908

CVSS3: 9.8

nvd

около 4 лет назад

SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter.

EPSS

Процентиль: 93%

0.11163

Средний

CVE ID

Дефекты

CWE-89