Описание
SQL injection vulnerability in bug.php in phpBugTracker 0.9.1 allows remote attackers to execute arbitrary SQL commands via (1) the bug_id parameter in a viewvotes operation or (2) the project parameter in an add operation.
SQL injection vulnerability in bug.php in phpBugTracker 0.9.1 allows remote attackers to execute arbitrary SQL commands via (1) the bug_id parameter in a viewvotes operation or (2) the project parameter in an add operation.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-1519
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18053
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18079
- http://marc.info/?l=bugtraq&m=110029315521568&w=2
- http://marc.info/?l=bugtraq&m=110037345428403&w=2
- http://marc.info/?l=bugtraq&m=110037408101974&w=2
- http://www.osvdb.org/displayvuln.php?osvdb_id=11718
EPSS
Процентиль: 71%
0.00677
Низкий
CVE ID
Связанные уязвимости
nvd
около 21 года назад
SQL injection vulnerability in bug.php in phpBugTracker 0.9.1 allows remote attackers to execute arbitrary SQL commands via (1) the bug_id parameter in a viewvotes operation or (2) the project parameter in an add operation.
EPSS
Процентиль: 71%
0.00677
Низкий