Описание
SQL injection vulnerability in mstrack.php in MusOX DF MSAnalysis (DFMSA), as used in some environments that use CPG-Nuke Dragonfly CMS, allows remote attackers to trigger path disclosure from a SQL syntax error, and possibly execute arbitrary SQL commands, via certain query data, probably involving the profile name.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:musox:df_msanalysis:1.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01462
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
SQL injection vulnerability in mstrack.php in MusOX DF MSAnalysis (DFMSA), as used in some environments that use CPG-Nuke Dragonfly CMS, allows remote attackers to trigger path disclosure from a SQL syntax error, and possibly execute arbitrary SQL commands, via certain query data, probably involving the profile name.
EPSS
Процентиль: 81%
0.01462
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other