Описание
SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVAR_SUBCAT (txForumID) parameter to forum/index.cfm and possibly other unspecified components, related to forum/include/error/forumerror.cfm.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:fusetalk:fusetalk:2.0:-:basic:*:*:*:*:*
cpe:2.3:a:fusetalk:fusetalk:2.0:-:coldfusion:*:*:*:*:*
cpe:2.3:a:fusetalk:fusetalk:2.0:-:enterprise:*:*:*:*:*
cpe:2.3:a:fusetalk:fusetalk:2.0:-:standard:*:*:*:*:*
EPSS
Процентиль: 59%
0.00387
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
почти 4 года назад
SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVAR_SUBCAT (txForumID) parameter to forum/index.cfm and possibly other unspecified components, related to forum/include/error/forumerror.cfm.
EPSS
Процентиль: 59%
0.00387
Низкий
7.5 High
CVSS2
Дефекты
CWE-89