Описание
Multiple SQL injection vulnerabilities in e-moBLOG 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) monthy parameter to index.php or (2) login parameter to admin/index.php. NOTE: some sources have reported item 1 as involving the "monthly" parameter, but this is incorrect.
Ссылки
- ExploitVendor Advisory
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
- ExploitVendor Advisory
- Vendor Advisory
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:e-moblog:e-moblog:1.3:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02475
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
почти 4 года назад
Multiple SQL injection vulnerabilities in e-moBLOG 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) monthy parameter to index.php or (2) login parameter to admin/index.php. NOTE: some sources have reported item 1 as involving the "monthly" parameter, but this is incorrect.
EPSS
Процентиль: 85%
0.02475
Низкий
7.5 High
CVSS2
Дефекты
CWE-89