exploitDog

CVE-2008-3788

Опубликовано: 26 авг. 2008

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) qtitle, (2) qid, and (3) qyear parameters to (a) search.php, and the (4) email and (5) password parameters to (b) _login.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:picturespro:picturespro_photo_cart:3.9:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00633

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-w587-hm47-h5qm

github

почти 4 года назад

Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) qtitle, (2) qid, and (3) qyear parameters to (a) search.php, and the (4) email and (5) password parameters to (b) _login.php.

EPSS

Процентиль: 70%

0.00633

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-89