Описание
Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System (JBS) 2.0, and possibly JiRo's Upload Manager (aka JiRo's Upload System or JUS), allow remote attackers to execute arbitrary SQL commands via the (1) Username (aka Login or Email) or (2) Password field.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:jiro:banner_system:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00433
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
почти 4 года назад
Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System (JBS) 2.0, and possibly JiRo's Upload Manager (aka JiRo's Upload System or JUS), allow remote attackers to execute arbitrary SQL commands via the (1) Username (aka Login or Email) or (2) Password field.
EPSS
Процентиль: 62%
0.00433
Низкий
7.5 High
CVSS2
Дефекты
CWE-89