exploitDog

GHSA-3p28-9cmp-jwr5

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nom_createur&by= substring.

SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nom_createur&by= substring.

Ссылки

EPSS

Процентиль: 73%

0.00789

Низкий

CVE ID

Связанные уязвимости

CVE-2020-9268

CVSS3: 7.5

nvd

почти 6 лет назад

SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nom_createur&by= substring.

EPSS

Процентиль: 73%

0.00789

Низкий

CVE ID