Описание
evalSMSI 2.1.03 stores passwords in cleartext in the database, which allows attackers with database access to gain privileges. NOTE: remote attack vectors are possible by leveraging a separate SQL injection vulnerability.
Ссылки
- Exploit
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:myshell:evalsmsi:2.1.03:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00491
Низкий
7.5 High
CVSS2
Дефекты
CWE-255
Связанные уязвимости
github
почти 4 года назад
evalSMSI 2.1.03 stores passwords in cleartext in the database, which allows attackers with database access to gain privileges. NOTE: remote attack vectors are possible by leveraging a separate SQL injection vulnerability.
EPSS
Процентиль: 65%
0.00491
Низкий
7.5 High
CVSS2
Дефекты
CWE-255