CVE-2015-10016

Опубликовано: 06 янв. 2023

Источник: nvd

CVSS3: 5.5

CVSS3: 9.8

CVSS2: 5.2

EPSS Низкий

Описание

A vulnerability, which was classified as critical, has been found in jeff-kelley opensim-utils. Affected by this issue is the function DatabaseForRegion of the file regionscrits.php. The manipulation of the argument region leads to sql injection. The patch is identified as c29e5c729a833a29dbf5b1e505a0553fe154575e. It is recommended to apply a patch to fix this issue. VDB-217550 is the identifier assigned to this vulnerability.

Ссылки

https://github.com/jeff-kelley/opensim-utils/commit/c29e5c729a833a29dbf5b1e505a0553fe154575e
Patch
Third Party Advisory
https://vuldb.com/?ctiid.217550
Permissions Required
Third Party Advisory
https://vuldb.com/?id.217550
Permissions Required
Third Party Advisory
https://github.com/jeff-kelley/opensim-utils/commit/c29e5c729a833a29dbf5b1e505a0553fe154575e
Patch
Third Party Advisory
https://vuldb.com/?ctiid.217550
Permissions Required
Third Party Advisory
https://vuldb.com/?id.217550
Permissions Required
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opensim-utils_project:opensim-utils:*:*:*:*:*:*:*:*

Версия до 12-14-2015 (исключая)

EPSS

Процентиль: 53%

0.00297

Низкий

5.5 Medium

CVSS3

9.8 Critical

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-4x4w-9xcx-rm38

CVSS3: 9.8

github

около 3 лет назад

A vulnerability, which was classified as critical, has been found in jeff-kelley opensim-utils. Affected by this issue is the function DatabaseForRegion of the file regionscrits.php. The manipulation of the argument region leads to sql injection. The name of the patch is c29e5c729a833a29dbf5b1e505a0553fe154575e. It is recommended to apply a patch to fix this issue. VDB-217550 is the identifier assigned to this vulnerability.

EPSS

Процентиль: 53%

0.00297

Низкий

5.5 Medium

CVSS3

9.8 Critical

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89