exploitDog

CVE-2008-5571

Опубликовано: 15 дек. 2008

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in admin/login.asp in Professional Download Assistant 0.1 allows remote attackers to execute arbitrary SQL commands via the (1) uname parameter (aka user field) or the (2) psw parameter (aka passwd field). NOTE: some of these details are obtained from third party information.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dotnetindex:professional_download_assistant:0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01352

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-7645-v67f-hhv7

github

больше 3 лет назад

SQL injection vulnerability in admin/login.asp in Professional Download Assistant 0.1 allows remote attackers to execute arbitrary SQL commands via the (1) uname parameter (aka user field) or the (2) psw parameter (aka passwd field). NOTE: some of these details are obtained from third party information.

EPSS

Процентиль: 80%

0.01352

Низкий

7.5 High

CVSS2

Дефекты

CWE-89