exploitDog

GHSA-fpw9-w78g-pvvx

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.

Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.

Ссылки

EPSS

Процентиль: 61%

0.0041

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2009-1741

nvd

больше 16 лет назад

Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.

EPSS

Процентиль: 61%

0.0041

Низкий

CVE ID

Дефекты

CWE-89