Описание
Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to login.asp.
Ссылки
- ExploitVendor Advisory
- ExploitVendor Advisory
- ExploitVendor Advisory
- ExploitVendor Advisory
- ExploitVendor Advisory
- ExploitVendor Advisory
- ExploitVendor Advisory
- ExploitVendor Advisory
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:g2soft:pentacle_in-out_board:6.03:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.02002
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to login.asp.
EPSS
Процентиль: 83%
0.02002
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other