exploitDog

GHSA-4m9h-7gmv-8qc2

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter (aka login field). NOTE: some of these details are obtained from third party information.

SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter (aka login field). NOTE: some of these details are obtained from third party information.

Ссылки

EPSS

Процентиль: 40%

0.00181

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2009-0707

nvd

почти 17 лет назад

SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter (aka login field). NOTE: some of these details are obtained from third party information.

EPSS

Процентиль: 40%

0.00181

Низкий

CVE ID

Дефекты

CWE-89