exploitDog

GHSA-q9j8-h7pf-vf9x

Опубликовано: 16 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 8.3

Описание

SQL injection vulnerability in SCATI Vision Web of SCATI Labs from version 4.8 to 7.2. This vulnerability allows an attacker to exfiltrate some data from the database via the ‘login’ parameter in the endpoint ‘/scatevision_web/index.php/loginForm’.

SQL injection vulnerability in SCATI Vision Web of SCATI Labs from version 4.8 to 7.2. This vulnerability allows an attacker to exfiltrate some data from the database via the ‘login’ parameter in the endpoint ‘/scatevision_web/index.php/loginForm’.

Ссылки

EPSS

Процентиль: 7%

0.00027

Низкий

8.3 High

CVSS4

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-40985

nvd

7 месяцев назад

SQL injection vulnerability in SCATI Vision Web of SCATI Labs from version 4.8 to 7.2. This vulnerability allows an attacker to exfiltrate some data from the database via the ‘login’ parameter in the endpoint ‘/scatevision_web/index.php/loginForm’.

EPSS

Процентиль: 7%

0.00027

Низкий

8.3 High

CVSS4

CVE ID

Дефекты

CWE-89