exploitDog

GHSA-fw89-hr7j-cx8r

Опубликовано: 29 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 8.7

CVSS3: 9.8

Описание

SQL injection vulnerability in Human Resource Management System version 1.0, which allows an attacker to retrieve, create, update and delete databases via the “city” and “state” parameters in the /controller/ccity.php endpoint.

SQL injection vulnerability in Human Resource Management System version 1.0, which allows an attacker to retrieve, create, update and delete databases via the “city” and “state” parameters in the /controller/ccity.php endpoint.

Ссылки

EPSS

Процентиль: 10%

0.00035

Низкий

8.7 High

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-40682

CVSS3: 9.8

nvd

6 месяцев назад

SQL injection vulnerability in Human Resource Management System version 1.0, which allows an attacker to retrieve, create, update and delete databases via the “city” and “state” parameters in the /controller/ccity.php endpoint.

EPSS

Процентиль: 10%

0.00035

Низкий

8.7 High

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89