exploitDog

GHSA-x6jw-v4hx-374p

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SQL injection vulnerability in additional_images.php (aka the Additional Images module) before 1.14 in osCommerce allows remote attackers to execute arbitrary SQL commands via the products_id parameter to product_info.php.

SQL injection vulnerability in additional_images.php (aka the Additional Images module) before 1.14 in osCommerce allows remote attackers to execute arbitrary SQL commands via the products_id parameter to product_info.php.

Ссылки

EPSS

Процентиль: 74%

0.00816

Низкий

CVE ID

Связанные уязвимости

CVE-2005-4677

nvd

около 20 лет назад

SQL injection vulnerability in additional_images.php (aka the Additional Images module) before 1.14 in osCommerce allows remote attackers to execute arbitrary SQL commands via the products_id parameter to product_info.php.

EPSS

Процентиль: 74%

0.00816

Низкий

CVE ID