Описание
Multiple SQL injection vulnerabilities in DEV web management system 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter in an openforum action (openforum.php) in index.php, (2) cat parameter in getfile.php, and (3) target parameter in download_now.php.
Ссылки
- Exploit
- ExploitVendor Advisory
- Exploit
- Exploit
- Exploit
- ExploitVendor Advisory
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:dev:dev_web_management_system:1.5:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01746
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Multiple SQL injection vulnerabilities in DEV web management system 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter in an openforum action (openforum.php) in index.php, (2) cat parameter in getfile.php, and (3) target parameter in download_now.php.
EPSS
Процентиль: 82%
0.01746
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other