exploitDog

GHSA-v2vx-hcgc-qcvc

Опубликовано: 22 мар. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea() function of the Address.php component.

SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea() function of the Address.php component.

Ссылки

EPSS

Процентиль: 68%

0.00578

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2024-28560

CVSS3: 5.4

nvd

почти 2 года назад

SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea() function of the Address.php component.

EPSS

Процентиль: 68%

0.00578

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-89