exploitDog

GHSA-jpx8-ff9r-rjvw

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple SQL injection vulnerabilities in Simple Document Management System (SDMS) 2.0-CVS and earlier allow remote attackers to execute arbitrary SQL commands via the (1) folder_id parameter in list.php and (2) mid parameter in a view action to messages.php.

Multiple SQL injection vulnerabilities in Simple Document Management System (SDMS) 2.0-CVS and earlier allow remote attackers to execute arbitrary SQL commands via the (1) folder_id parameter in list.php and (2) mid parameter in a view action to messages.php.

Ссылки

EPSS

Процентиль: 68%

0.00582

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2005-3877

nvd

около 20 лет назад

Multiple SQL injection vulnerabilities in Simple Document Management System (SDMS) 2.0-CVS and earlier allow remote attackers to execute arbitrary SQL commands via the (1) folder_id parameter in list.php and (2) mid parameter in a view action to messages.php.

EPSS

Процентиль: 68%

0.00582

Низкий

CVE ID

Дефекты

CWE-89