exploitDog

GHSA-pg2r-6r9r-3896

Опубликовано: 13 апр. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

SQL injection vulnerability in Topics Counting feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely.

SQL injection vulnerability in Topics Counting feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely.

Ссылки

EPSS

Процентиль: 50%

0.00264

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2022-27472

CVSS3: 9.8

nvd

почти 4 года назад

SQL injection vulnerability in Topics Counting feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely.

EPSS

Процентиль: 50%

0.00264

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89