exploitDog

GHSA-gcx9-r423-9gfc

Опубликовано: 09 июл. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 8.1

Описание

SQL injection vulnerability in process.php in Itsourcecode Billing System in PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.

SQL injection vulnerability in process.php in Itsourcecode Billing System in PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.

Ссылки

EPSS

Процентиль: 31%

0.00115

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2024-37872

CVSS3: 8.1

nvd

больше 1 года назад

SQL injection vulnerability in process.php in Itsourcecode Billing System in PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.

EPSS

Процентиль: 31%

0.00115

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-89