exploitDog

GHSA-5gvm-9848-xhgq

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action.

SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action.

Ссылки

EPSS

Процентиль: 79%

0.01219

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2010-4910

nvd

больше 14 лет назад

SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action.

EPSS

Процентиль: 79%

0.01219

Низкий

CVE ID

Дефекты

CWE-89