Описание
Static code injection vulnerability in users.php in MySimpleNews allows remote attackers to inject arbitrary PHP code and HTML via the (1) LOGIN, (2) DATA, and (3) MESS parameters, which are inserted into news.php3.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:mysimplenews:mysimplenews:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03822
Низкий
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
больше 3 лет назад
Static code injection vulnerability in users.php in MySimpleNews allows remote attackers to inject arbitrary PHP code and HTML via the (1) LOGIN, (2) DATA, and (3) MESS parameters, which are inserted into news.php3.
EPSS
Процентиль: 88%
0.03822
Низкий
7.5 High
CVSS2
Дефекты
CWE-94