exploitDog

GHSA-85v4-r279-j4ww

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple SQL injection vulnerabilities in login.php in HazelPress Lite 0.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) password fields.

Multiple SQL injection vulnerabilities in login.php in HazelPress Lite 0.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) password fields.

Ссылки

EPSS

Процентиль: 72%

0.00721

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2010-2135

nvd

больше 15 лет назад

Multiple SQL injection vulnerabilities in login.php in HazelPress Lite 0.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) password fields.

EPSS

Процентиль: 72%

0.00721

Низкий

CVE ID

Дефекты

CWE-89