exploitDog

GHSA-j3mg-f4qx-hgjm

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.

SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.

Ссылки

EPSS

Процентиль: 87%

0.0331

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2006-3904

nvd

больше 19 лет назад

SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.

EPSS

Процентиль: 87%

0.0331

Низкий

CVE ID

Дефекты

CWE-89