exploitDog

GHSA-gp72-w5fg-q33m

Опубликовано: 01 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

A blind SQL Injection (SQLi) vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/update_profile_Server endpoint .

A blind SQL Injection (SQLi) vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/update_profile_Server endpoint .

Ссылки

EPSS

Процентиль: 41%

0.00189

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-51683

CVSS3: 9.8

nvd

2 месяца назад

A blind SQL Injection (SQLi) vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/update_profile_Server endpoint .

EPSS

Процентиль: 41%

0.00189

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89