exploitDog

CVE-2015-3345

Опубликовано: 21 апр. 2015

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

SQL injection vulnerability in the PHPlist Integration Module before 6.x-1.7 for Drupal allows remote administrators to execute arbitrary SQL commands via unspecified vectors, related to the "phpList database."

Ссылки

http://www.openwall.com/lists/oss-security/2015/01/29/6
http://www.securityfocus.com/bid/72634
https://www.drupal.org/node/2402517
Patch
https://www.drupal.org/node/2403343
Patch
Vendor Advisory
http://www.openwall.com/lists/oss-security/2015/01/29/6
http://www.securityfocus.com/bid/72634
https://www.drupal.org/node/2402517
Patch
https://www.drupal.org/node/2403343
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phplist_integration_project:phplist_integration:*:*:*:*:*:drupal:*:*

Версия до 6.x-1.6 (включая)

EPSS

Процентиль: 48%

0.00247

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-7j82-f7g7-28w2

github

больше 3 лет назад

SQL injection vulnerability in the PHPlist Integration Module before 6.x-1.7 for Drupal allows remote administrators to execute arbitrary SQL commands via unspecified vectors, related to the "phpList database."

EPSS

Процентиль: 48%

0.00247

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-89