exploitDog

GHSA-79pw-j974-3gj9

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote attackers to execute arbitrary SQL commands via an uploaded file with a crafted file name.

SQL injection vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote attackers to execute arbitrary SQL commands via an uploaded file with a crafted file name.

Ссылки

EPSS

Процентиль: 75%

0.00889

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2011-3831

nvd

около 14 лет назад

SQL injection vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote attackers to execute arbitrary SQL commands via an uploaded file with a crafted file name.

EPSS

Процентиль: 75%

0.00889

Низкий

CVE ID

Дефекты

CWE-89