exploitDog

GHSA-hgx2-jcmx-3738

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in the LiveData service in CSWorks before 2.5.5233.0 allows remote attackers to execute arbitrary SQL commands via vectors related to pathnames contained in web API requests.

SQL injection vulnerability in the LiveData service in CSWorks before 2.5.5233.0 allows remote attackers to execute arbitrary SQL commands via vectors related to pathnames contained in web API requests.

Ссылки

EPSS

Процентиль: 64%

0.00464

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2014-2351

nvd

больше 11 лет назад

SQL injection vulnerability in the LiveData service in CSWorks before 2.5.5233.0 allows remote attackers to execute arbitrary SQL commands via vectors related to pathnames contained in web API requests.

EPSS

Процентиль: 64%

0.00464

Низкий

CVE ID

Дефекты

CWE-89