exploitDog

GHSA-4hp9-9cg9-jj2r

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple SQL injection vulnerabilities in Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) keywords parameters in (a) Results.cfm, and the (3) ProdID parameter in (b) Details.cfm.

Multiple SQL injection vulnerabilities in Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) keywords parameters in (a) Results.cfm, and the (3) ProdID parameter in (b) Details.cfm.

Ссылки

EPSS

Процентиль: 88%

0.03641

Низкий

CVE ID

Связанные уязвимости

CVE-2006-2046

nvd

почти 20 лет назад

Multiple SQL injection vulnerabilities in Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) keywords parameters in (a) Results.cfm, and the (3) ProdID parameter in (b) Details.cfm.

EPSS

Процентиль: 88%

0.03641

Низкий

CVE ID