exploitDog

GHSA-8rp9-2pj2-rv3j

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Ссылки

EPSS

Процентиль: 75%

0.00878

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2016-1154

CVSS3: 9.1

nvd

почти 10 лет назад

SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

EPSS

Процентиль: 75%

0.00878

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-89