exploitDog

GHSA-5845-jw3p-fg89

Опубликовано: 23 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Simple Client Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the manage_client endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.

Simple Client Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the manage_client endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.

Ссылки

EPSS

Процентиль: 87%

0.03203

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2022-26284

CVSS3: 9.8

nvd

почти 4 года назад

Simple Client Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the manage_client endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.

EPSS

Процентиль: 87%

0.03203

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89