exploitDog

GHSA-qmc9-8pmw-gfgh

Опубликовано: 05 авг. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated attackers to write PHP files on the server's root directory, resulting in remote code execution.

A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated attackers to write PHP files on the server's root directory, resulting in remote code execution.

Ссылки

EPSS

Процентиль: 77%

0.01075

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2023-33367

CVSS3: 9.8

nvd

больше 2 лет назад

A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated attackers to write PHP files on the server's root directory, resulting in remote code execution.

EPSS

Процентиль: 77%

0.01075

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89