Описание
SQL injection vulnerability in mod_banners.php in Elxis CMS before 2006.4 20070613 allows remote attackers to execute arbitrary SQL commands via the mb_tracker cookie. NOTE: the product was patched without updating the version number; later downloads of 2006.4 are not affected.
Ссылки
- Patch
- Patch
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:elxis:elxis_cms:2006.1:*:*:*:*:*:*:*
cpe:2.3:a:elxis:elxis_cms:2006.2:*:*:*:*:*:*:*
cpe:2.3:a:elxis:elxis_cms:2006.3:*:*:*:*:*:*:*
cpe:2.3:a:elxis:elxis_cms:2006.4:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00893
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
SQL injection vulnerability in mod_banners.php in Elxis CMS before 2006.4 20070613 allows remote attackers to execute arbitrary SQL commands via the mb_tracker cookie. NOTE: the product was patched without updating the version number; later downloads of 2006.4 are not affected.
EPSS
Процентиль: 75%
0.00893
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other