Описание
A SQL Injection issue was discovered in Moxa SoftCMS Live Viewer through 1.6. An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability has been identified. Attackers can exploit this vulnerability to access SoftCMS without knowing the user's password.
Ссылки
- MitigationThird Party AdvisoryUS Government Resource
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 1.6 (включая)
cpe:2.3:a:moxa:softcms_lab_view:*:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00204
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89
CWE-89
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
A SQL Injection issue was discovered in Moxa SoftCMS Live Viewer through 1.6. An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability has been identified. Attackers can exploit this vulnerability to access SoftCMS without knowing the user's password.
EPSS
Процентиль: 42%
0.00204
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89
CWE-89