exploitDog

GHSA-wp4r-c6wp-5m5q

Опубликовано: 02 сент. 2024

Источник: github

Github: Не прошло ревью

CVSS4: 9.3

CVSS3: 9.8

Описание

SQL Injection in download student learning course function of Easytest Online Test Platform ver.24E01 and earlier allow remote attackers to execute arbitrary SQL commands via the uid parameter.

SQL Injection in download student learning course function of Easytest Online Test Platform ver.24E01 and earlier allow remote attackers to execute arbitrary SQL commands via the uid parameter.

Ссылки

EPSS

Процентиль: 63%

0.00457

Низкий

9.3 Critical

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2024-43772

CVSS3: 9.8

nvd

больше 1 года назад

SQL Injection in download student learning course function of Easytest Online Test Platform ver.24E01 and earlier allow remote attackers to execute arbitrary SQL commands via the uid parameter.

EPSS

Процентиль: 63%

0.00457

Низкий

9.3 Critical

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89