exploitDog

GHSA-4mr9-2r6g-c8c7

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 and earlier allows remote attackers to execute arbitrary SQL commands via the Uname (UserName) parameter.

SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 and earlier allows remote attackers to execute arbitrary SQL commands via the Uname (UserName) parameter.

Ссылки

EPSS

Процентиль: 81%

0.01573

Низкий

CVE ID

Связанные уязвимости

CVE-2006-6524

nvd

около 19 лет назад

SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 and earlier allows remote attackers to execute arbitrary SQL commands via the Uname (UserName) parameter.

EPSS

Процентиль: 81%

0.01573

Низкий

CVE ID