exploitDog

GHSA-5hg4-vfjp-6h7w

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable "qty" on the page index.php.

An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable "qty" on the page index.php.

Ссылки

EPSS

Процентиль: 95%

0.17139

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2018-7474

CVSS3: 9.8

nvd

почти 8 лет назад

An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable "qty" on the page index.php.

CVE-2018-7474

CVSS3: 9.8

debian

почти 8 лет назад

An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is po ...

EPSS

Процентиль: 95%

0.17139

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89