exploitDog

GHSA-g2j5-j7p5-p54p

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

SQL injection vulnerability in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Ссылки

EPSS

Процентиль: 65%

0.00494

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2014-1645

nvd

почти 12 лет назад

SQL injection vulnerability in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

EPSS

Процентиль: 65%

0.00494

Низкий

CVE ID

Дефекты

CWE-89