Описание
Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier allow remote attackers to execute arbitrary SQL commands (1) via the search engine, (2) the username or email fields in the "forgotten password" feature, or (3) the domain name in a package order.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:coinsoft_technologies:phpcoin:1.2:*:*:*:*:*:*:*
cpe:2.3:a:coinsoft_technologies:phpcoin:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:coinsoft_technologies:phpcoin:1.2.1b:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00518
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier allow remote attackers to execute arbitrary SQL commands (1) via the search engine, (2) the username or email fields in the "forgotten password" feature, or (3) the domain name in a package order.
EPSS
Процентиль: 66%
0.00518
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other