Описание
SQL injection vulnerability in comment.asp in Battle Blog 1.25 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.25 (включая)
Одно из
cpe:2.3:a:battleblog:battleblog:*:build_4:*:*:*:*:*:*
cpe:2.3:a:battleblog:battleblog:1.0d:build_3:*:*:*:*:*:*
cpe:2.3:a:battleblog:battleblog:1.0d:build_4:*:*:*:*:*:*
cpe:2.3:a:battleblog:battleblog:1.0d:build_5:*:*:*:*:*:*
cpe:2.3:a:battleblog:battleblog:1.0d:build_5a:*:*:*:*:*:*
cpe:2.3:a:battleblog:battleblog:1.0d:build_6:*:*:*:*:*:*
cpe:2.3:a:battleblog:battleblog:1.05:build_1:*:*:*:*:*:*
cpe:2.3:a:battleblog:battleblog:1.20:build_1:*:*:*:*:*:*
cpe:2.3:a:battleblog:battleblog:1.20:build_2:*:*:*:*:*:*
cpe:2.3:a:battleblog:battleblog:1.20:build_3:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00897
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
почти 4 года назад
SQL injection vulnerability in comment.asp in Battle Blog 1.25 and earlier allows remote attackers to execute arbitrary SQL commands via the entry parameter.
EPSS
Процентиль: 75%
0.00897
Низкий
7.5 High
CVSS2
Дефекты
CWE-89