exploitDog

GHSA-5x5p-mx9q-gjm3

Опубликовано: 17 апр. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters.

SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters.

Ссылки

EPSS

Процентиль: 36%

0.0015

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2024-30985

CVSS3: 9.8

nvd

почти 2 года назад

SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters.

EPSS

Процентиль: 36%

0.0015

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89