Описание
SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Комментарий
Per: http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000010.html
'[Do not use HL-SiteManager] As patches will not be provided, users are recommended to discontinue use of HL-SiteManager and switch to a different product that provides equivalent functionality. '
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:heartlogic:hl-sitemanager:0.50:*:*:*:*:*:*:*
cpe:2.3:a:heartlogic:hl-sitemanager:0.70:*:*:*:*:*:*:*
cpe:2.3:a:heartlogic:hl-sitemanager:0.71:*:*:*:*:*:*:*
cpe:2.3:a:heartlogic:hl-sitemanager:1.00:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00397
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
почти 4 года назад
SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrary SQL commands via unknown vectors.
EPSS
Процентиль: 60%
0.00397
Низкий
7.5 High
CVSS2
Дефекты
CWE-89