exploitDog

GHSA-fjg6-cxgj-mf3h

Опубликовано: 17 фев. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.

Ссылки

EPSS

Процентиль: 50%

0.00265

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2023-26020

CVSS3: 5.7

nvd

почти 3 года назад

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26.

EPSS

Процентиль: 50%

0.00265

Низкий

7.2 High

CVSS3

CVE ID

Дефекты

CWE-89