Описание
Multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) FC parameter to Comments.asp, or the Term parameter to (2) Labels.asp or (3) ClassList.asp.
Ссылки
- Vendor Advisory
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:aeries:aeries_student_information_system:3.7.2.2:*:*:*:*:*:*:*
cpe:2.3:a:aeries:aeries_student_information_system:3.8.2.8:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00424
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
почти 4 года назад
Multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) FC parameter to Comments.asp, or the Term parameter to (2) Labels.asp or (3) ClassList.asp.
EPSS
Процентиль: 62%
0.00424
Низкий
7.5 High
CVSS2
Дефекты
CWE-89