Описание
SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:gforge:gforge:4.5:*:*:*:*:*:*:*
cpe:2.3:a:gforge:gforge:4.6:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.0108
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
ubuntu
почти 17 лет назад
SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable.
debian
почти 17 лет назад
SQL injection vulnerability in the create function in common/include/G ...
github
больше 3 лет назад
SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable.
EPSS
Процентиль: 77%
0.0108
Низкий
7.5 High
CVSS2
Дефекты
CWE-89