exploitDog

CVE-2016-10379

Опубликовано: 29 мая 2017

Источник: nvd

CVSS3: 7.2

CVSS2: 6.5

EPSS Низкий

Описание

The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL injection by remote authenticated administrators via the virtuemart_paymentmethod_id or virtuemart_shipmentmethod_id parameter to administrator/index.php.

Ссылки

http://code610.blogspot.com/2016/08/testing-sql-injections-in-comvirtuemart.html
Exploit
Third Party Advisory
http://www.securityfocus.com/bid/98753
Third Party Advisory
VDB Entry
http://code610.blogspot.com/2016/08/testing-sql-injections-in-comvirtuemart.html
Exploit
Third Party Advisory
http://www.securityfocus.com/bid/98753
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:virtuemart:virtuemart:3.0.14:*:*:*:*:joomla\!:*:*

EPSS

Процентиль: 70%

0.00641

Низкий

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-f5fv-m9cj-f76g

CVSS3: 7.2

github

больше 3 лет назад

The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL injection by remote authenticated administrators via the virtuemart_paymentmethod_id or virtuemart_shipmentmethod_id parameter to administrator/index.php.

EPSS

Процентиль: 70%

0.00641

Низкий

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89