exploitDog

GHSA-vx27-mvqf-w85x

Опубликовано: 23 нояб. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

An authenticated SQL Injection vulnerability in the statistics page (/statistics/retrieve) of Maarch RM 2.8, via the filter parameter, allows the complete disclosure of all databases.

An authenticated SQL Injection vulnerability in the statistics page (/statistics/retrieve) of Maarch RM 2.8, via the filter parameter, allows the complete disclosure of all databases.

Ссылки

EPSS

Процентиль: 70%

0.00635

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2022-37773

CVSS3: 6.5

nvd

около 3 лет назад

An authenticated SQL Injection vulnerability in the statistics page (/statistics/retrieve) of Maarch RM 2.8, via the filter parameter, allows the complete disclosure of all databases.

EPSS

Процентиль: 70%

0.00635

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-89