exploitDog

GHSA-439v-qhv3-9f5x

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in check_user.asp in multiple Web Wiz products including (1) Site News 3.06 and earlier, (2) Journal 1.0 and earlier, (3) Polls 3.06 and earlier, and (4) and Database Login 1.71 and earlier allows remote attackers to execute arbitrary SQL commands via the txtUserName parameter.

SQL injection vulnerability in check_user.asp in multiple Web Wiz products including (1) Site News 3.06 and earlier, (2) Journal 1.0 and earlier, (3) Polls 3.06 and earlier, and (4) and Database Login 1.71 and earlier allows remote attackers to execute arbitrary SQL commands via the txtUserName parameter.

Ссылки

EPSS

Процентиль: 78%

0.01135

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2005-4606

nvd

около 20 лет назад

SQL injection vulnerability in check_user.asp in multiple Web Wiz products including (1) Site News 3.06 and earlier, (2) Journal 1.0 and earlier, (3) Polls 3.06 and earlier, and (4) and Database Login 1.71 and earlier allows remote attackers to execute arbitrary SQL commands via the txtUserName parameter.

EPSS

Процентиль: 78%

0.01135

Низкий

CVE ID

Дефекты

CWE-89