exploitDog

GHSA-wg47-xqc5-g367

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote attackers to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action.

SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote attackers to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action.

Ссылки

EPSS

Процентиль: 55%

0.00326

Низкий

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2008-0681

nvd

почти 18 лет назад

SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote attackers to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action.

EPSS

Процентиль: 55%

0.00326

Низкий

CVE ID

Дефекты

CWE-89