exploitDog

GHSA-ppmw-wjmq-4fr9

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in index.php in BlogPHP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter in a login action.

SQL injection vulnerability in index.php in BlogPHP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter in a login action.

Ссылки

EPSS

Процентиль: 88%

0.04009

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2006-0318

nvd

около 20 лет назад

SQL injection vulnerability in index.php in BlogPHP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter in a login action.

EPSS

Процентиль: 88%

0.04009

Низкий

CVE ID

Дефекты

CWE-89