exploitDog

GHSA-hvmg-pgch-cw7v

Опубликовано: 22 мар. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticated attackers to execute arbitrary code and obtain sensitive information via the id parameter in class.php.

SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticated attackers to execute arbitrary code and obtain sensitive information via the id parameter in class.php.

Ссылки

EPSS

Процентиль: 98%

0.61802

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2024-29275

CVSS3: 9.8

nvd

почти 2 года назад

SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticated attackers to execute arbitrary code and obtain sensitive information via the id parameter in class.php.

EPSS

Процентиль: 98%

0.61802

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89