Описание
Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and earlier allow remote attackers or administrators to execute arbitrary SQL commands via the (1) id parameter in (a) user.php, or (2) where and (3) order parameters to (b) admin.php.
Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and earlier allow remote attackers or administrators to execute arbitrary SQL commands via the (1) id parameter in (a) user.php, or (2) where and (3) order parameters to (b) admin.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-1853
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25926
- http://pridels0.blogspot.com/2006/04/modernbill-multiple-sql-inj-vuln.html
- http://secunia.com/advisories/19641
- http://www.securityfocus.com/bid/17596
- http://www.vupen.com/english/advisories/2006/1415
EPSS
Процентиль: 64%
0.00475
Низкий
CVE ID
Связанные уязвимости
nvd
почти 20 лет назад
Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and earlier allow remote attackers or administrators to execute arbitrary SQL commands via the (1) id parameter in (a) user.php, or (2) where and (3) order parameters to (b) admin.php.
EPSS
Процентиль: 64%
0.00475
Низкий