exploitDog

CVE-2009-3642

Опубликовано: 09 окт. 2009

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in the Call Logging feature in FrontRange HEAT 8.01 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.

Ссылки

http://packetstormsecurity.org/0909-exploits/heat-sql.txt
Exploit
http://secunia.com/advisories/36900
Vendor Advisory
http://packetstormsecurity.org/0909-exploits/heat-sql.txt
Exploit
http://secunia.com/advisories/36900
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:frontrange:heat:8.01:*:*:*:*:*:*:*

EPSS

Процентиль: 52%

0.00296

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-377x-3gqm-h467

github

почти 4 года назад

Multiple SQL injection vulnerabilities in the Call Logging feature in FrontRange HEAT 8.01 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.

EPSS

Процентиль: 52%

0.00296

Низкий

7.5 High

CVSS2

Дефекты

CWE-89