exploitDog

GHSA-pcwj-m6p3-w8x3

Опубликовано: 15 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Vision Helpdesk through 5.7.0 allows Time-Based Blind SQL injection via the Forgot Password (aka index.php?/home/forgot-password) vis_username parameter. Authentication is not needed.

Vision Helpdesk through 5.7.0 allows Time-Based Blind SQL injection via the Forgot Password (aka index.php?/home/forgot-password) vis_username parameter. Authentication is not needed.

Ссылки

EPSS

Процентиль: 23%

0.00078

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-32993

CVSS3: 6.5

nvd

10 месяцев назад

Vision Helpdesk through 5.7.0 allows Time-Based Blind SQL injection via the Forgot Password (aka index.php?/home/forgot-password) vis_username parameter. Authentication is not needed.

EPSS

Процентиль: 23%

0.00078

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-89