exploitDog

GHSA-3jhc-2mfc-c8cp

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple SQL injection vulnerabilities in PunBB 1.3 and 1.3.1 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) order_by or (2) direction parameter to admin/users.php, or (3) configuration options to admin/settings.php.

Multiple SQL injection vulnerabilities in PunBB 1.3 and 1.3.1 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) order_by or (2) direction parameter to admin/users.php, or (3) configuration options to admin/settings.php.

Ссылки

EPSS

Процентиль: 69%

0.00601

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2008-5434

nvd

около 17 лет назад

Multiple SQL injection vulnerabilities in PunBB 1.3 and 1.3.1 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) order_by or (2) direction parameter to admin/users.php, or (3) configuration options to admin/settings.php.

EPSS

Процентиль: 69%

0.00601

Низкий

CVE ID

Дефекты

CWE-89