Описание
SQL injection vulnerability in viewinvoice.php in DRZES HMS 3.2 allows remote attackers to execute arbitrary SQL commands via the invoiceID parameter.
SQL injection vulnerability in viewinvoice.php in DRZES HMS 3.2 allows remote attackers to execute arbitrary SQL commands via the invoiceID parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-4137
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23264
- http://secunia.com/advisories/17755
- http://securitytracker.com/id?1015334
- http://www.osvdb.org/21180
- http://www.securityfocus.com/archive/1/418851/100/0/threaded
- http://www.securityfocus.com/bid/15766
- http://www.vupen.com/english/advisories/2005/2633
EPSS
Процентиль: 76%
0.00963
Низкий
CVE ID
Связанные уязвимости
nvd
около 20 лет назад
SQL injection vulnerability in viewinvoice.php in DRZES HMS 3.2 allows remote attackers to execute arbitrary SQL commands via the invoiceID parameter.
EPSS
Процентиль: 76%
0.00963
Низкий