Описание
SQL injection vulnerability in download.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote to execute arbitrary SQL commands via the category parameter.
Уязвимые конфигурации
Конфигурация 1Версия до 4.0 (включая)
Одно из
cpe:2.3:a:cynthia_fridsma:horizon_quick_content_management_system:*:*:*:*:*:*:*:*
cpe:2.3:a:cynthia_fridsma:horizon_quick_content_management_system:3.2:a:*:*:*:*:*:*
cpe:2.3:a:cynthia_fridsma:horizon_quick_content_management_system:3.3:*:*:*:*:*:*:*
cpe:2.3:a:cynthia_fridsma:horizon_quick_content_management_system:3.4:*:*:*:*:*:*:*
cpe:2.3:a:cynthia_fridsma:horizon_quick_content_management_system:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:cynthia_fridsma:horizon_quick_content_management_system:3.5.2:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00161
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
больше 3 лет назад
SQL injection vulnerability in download.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote to execute arbitrary SQL commands via the category parameter.
EPSS
Процентиль: 37%
0.00161
Низкий
7.5 High
CVSS2
Дефекты
CWE-89