exploitDog

GHSA-74gf-3gg2-4jc6

Published: May 24, 2022
Source: github
GitHub: Not reviewed

Description

Project Worlds Official Car Rental System 1 is vulnerable to multiple SQL injection issues, as demonstrated by the email and parameters (account.php), uname and pass parameters (login.php), and id parameter (book_car.php). This allows an attacker to dump the MySQL database and to bypass the login authentication prompt.

EPSS

Percentile: 31%
0.00117
Low

Related vulnerabilities

CVSS3: 9.8
nvd
almost 6 years ago

Project Worlds Official Car Rental System 1 is vulnerable to multiple SQL injection issues, as demonstrated by the email and parameters (account.php), uname and pass parameters (login.php), and id parameter (book_car.php). This allows an attacker to dump the MySQL database and to bypass the login authentication prompt.

CVSS3: 9.8
fstec
almost 6 years ago

A vulnerability in the implementation of the account.php, login.php and book_car.php scripts of the Official Car Rental System CMS that allows an attacker to bypass security restrictions
