exploitDog

GHSA-6fhp-x3v7-v4f9

Опубликовано: 02 сент. 2024

Источник: github

Github: Не прошло ревью

CVSS4: 8.7

CVSS3: 8.8

Описание

SQL Injection in mock exam function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the qlevel parameter.

SQL Injection in mock exam function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the qlevel parameter.

Ссылки

EPSS

Процентиль: 63%

0.00457

Низкий

8.7 High

CVSS4

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2024-43776

CVSS3: 8.8

nvd

больше 1 года назад

SQL Injection in mock exam function of Easytest Online Test Platform ver.24E01 and earlier allow remote authenticated users to execute arbitrary SQL commands via the qlevel parameter.

EPSS

Процентиль: 63%

0.00457

Низкий

8.7 High

CVSS4

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89