exploitDog

GHSA-jh8r-584f-349g

Опубликовано: 16 июн. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 8.7

CVSS3: 8.8

Описание

SQL injection vulnerability in Customer Support System v1.0. This vulnerability allows an authenticated attacker to retrieve, create, update and delete databases via the id parameter in the /customer_support/manage_user.php endpoint.

SQL injection vulnerability in Customer Support System v1.0. This vulnerability allows an authenticated attacker to retrieve, create, update and delete databases via the id parameter in the /customer_support/manage_user.php endpoint.

Ссылки

EPSS

Процентиль: 11%

0.00038

Низкий

8.7 High

CVSS4

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-40728

CVSS3: 8.8

nvd

8 месяцев назад

SQL injection vulnerability in Customer Support System v1.0. This vulnerability allows an authenticated attacker to retrieve, create, update and delete databases via the id parameter in the /customer_support/manage_user.php endpoint.

EPSS

Процентиль: 11%

0.00038

Низкий

8.7 High

CVSS4

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89