exploitDog

GHSA-c7mx-g2c4-4phj

Опубликовано: 25 окт. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Unauthenticated SQL injection in the DeleteRoomChanges method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.

Unauthenticated SQL injection in the DeleteRoomChanges method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.

Ссылки

EPSS

Процентиль: 36%

0.00153

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2023-27255

CVSS3: 9.8

nvd

больше 2 лет назад

Unauthenticated SQL injection in the DeleteRoomChanges method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers.

EPSS

Процентиль: 36%

0.00153

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89