Описание
SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Ссылки
- Vendor Advisory
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cafuego:simple_document_management_system:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:cafuego:simple_document_management_system:1.1.5:*:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00122
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
больше 3 лет назад
SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EPSS
Процентиль: 32%
0.00122
Низкий
7.5 High
CVSS2
Дефекты
CWE-89