exploitDog

GHSA-hm22-mpqr-wp46

Опубликовано: 04 нояб. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL Injection in the 'username' and 'password' fields.

SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL Injection in the 'username' and 'password' fields.

Ссылки

EPSS

Процентиль: 8%

0.0003

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2024-51327

CVSS3: 9.8

nvd

больше 1 года назад

SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL Injection in the 'username' and 'password' fields.

EPSS

Процентиль: 8%

0.0003

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89