exploitDog

GHSA-4ggq-ghmc-h6h3

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL Injection vulnerability in Show Groups Popup SQL query functions that can result in Ability to perform malicious database queries. This attack appear to be exploitable via User controlled parameters.

LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL Injection vulnerability in Show Groups Popup SQL query functions that can result in Ability to perform malicious database queries. This attack appear to be exploitable via User controlled parameters.

Ссылки

EPSS

Процентиль: 47%

0.00244

Низкий

8.8 High

CVSS3

CVE ID

CVE-2018-1000650

Дефекты

CWE-89

Связанные уязвимости

CVE-2018-1000650

CVSS3: 8.8

nvd

больше 7 лет назад

LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL Injection vulnerability in Show Groups Popup SQL query functions that can result in Ability to perform malicious database queries. This attack appear to be exploitable via User controlled parameters.

EPSS

Процентиль: 47%

0.00244

Низкий

8.8 High

CVSS3

CVE ID

CVE-2018-1000650

Дефекты

CWE-89