CVE-2015-5659

Опубликовано: 11 окт. 2015

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

SQL injection vulnerability in Network Applied Communication Laboratory Pref Shimane CMS 2.x before 2.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Ссылки

http://jvn.jp/en/jp/JVN84982142/995760/index.html
http://jvn.jp/en/jp/JVN84982142/index.html
Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000158
Vendor Advisory
https://github.com/NaCl-Ltd/pref-shimane-cms/blob/master/README.md
https://github.com/NaCl-Ltd/pref-shimane-cms/commit/5ec03cb174513844c410ee7fba594c544ba80ce2
https://github.com/NaCl-Ltd/pref-shimane-cms/commit/ab96ec7661f15a0129940eed9215c91f1acbf564
http://jvn.jp/en/jp/JVN84982142/995760/index.html
http://jvn.jp/en/jp/JVN84982142/index.html
Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000158
Vendor Advisory
https://github.com/NaCl-Ltd/pref-shimane-cms/blob/master/README.md
https://github.com/NaCl-Ltd/pref-shimane-cms/commit/5ec03cb174513844c410ee7fba594c544ba80ce2
https://github.com/NaCl-Ltd/pref-shimane-cms/commit/ab96ec7661f15a0129940eed9215c91f1acbf564

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:network_applied_communication_laboratory:shimane_prefecture_cms:2.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00515

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-q5w4-h927-6jj8

github

больше 3 лет назад