Описание
Multiple SQL injection vulnerabilities in FretsWeb 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) name parameter to player.php and the (2) hash parameter to song.php.
Ссылки
- Broken Link
- Broken Link
- Vendor Advisory
- Patch
- Third Party AdvisoryVDB Entry
- Broken Link
- Broken Link
- Vendor Advisory
- Patch
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:fretsweb_project:fretsweb:1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00386
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
почти 4 года назад
Multiple SQL injection vulnerabilities in FretsWeb 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) name parameter to player.php and the (2) hash parameter to song.php.
EPSS
Процентиль: 59%
0.00386
Низкий
7.5 High
CVSS2
Дефекты
CWE-89