exploitDog

GHSA-6v2c-hxhp-8jx7

Опубликовано: 09 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 9.3

CVSS3: 9.8

Описание

OPEXUS FOIAXpress Public Access Link (PAL) before version 11.13.1.0 allows SQL injection via SearchPopularDocs.aspx. A remote, unauthenticated attacker could read, write, or delete any content in the underlying database.

OPEXUS FOIAXpress Public Access Link (PAL) before version 11.13.1.0 allows SQL injection via SearchPopularDocs.aspx. A remote, unauthenticated attacker could read, write, or delete any content in the underlying database.

Ссылки

EPSS

Процентиль: 22%

0.00071

Низкий

9.3 Critical

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-58462

CVSS3: 9.8

nvd

5 месяцев назад

OPEXUS FOIAXpress Public Access Link (PAL) before version 11.13.1.0 allows SQL injection via SearchPopularDocs.aspx. A remote, unauthenticated attacker could read, write, or delete any content in the underlying database.

EPSS

Процентиль: 22%

0.00071

Низкий

9.3 Critical

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89