exploitDog

GHSA-cqjc-pfg6-24mx

Опубликовано: 18 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.8

Описание

SQL Injection vulnerability in rainrocka xinhu v.2.6.5 and before allows a remote attacker to execute arbitrary code via the inputAction.php file and the saveAjax function

SQL Injection vulnerability in rainrocka xinhu v.2.6.5 and before allows a remote attacker to execute arbitrary code via the inputAction.php file and the saveAjax function

Ссылки

EPSS

Процентиль: 58%

0.00364

Низкий

6.8 Medium

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2024-57151

CVSS3: 6.8

nvd

11 месяцев назад

SQL Injection vulnerability in rainrocka xinhu v.2.6.5 and before allows a remote attacker to execute arbitrary code via the inputAction.php file and the saveAjax function

EPSS

Процентиль: 58%

0.00364

Низкий

6.8 Medium

CVSS3

CVE ID

Дефекты

CWE-89