Описание
SQL Injection exists in PHP Scripts Mall Schools Alert Management Script 2.0.2 via the Login Parameter.
Ссылки
- https://0day4u.wordpress.com/2018/02/22/schools-alert-management-script-2-0-2-authentication-bypass/ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- https://0day4u.wordpress.com/2018/02/22/schools-alert-management-script-2-0-2-authentication-bypass/ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:schools_alert_management_script_project:schools_alert_management_script:2.0.2:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00572
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
SQL Injection exists in PHP Scripts Mall Schools Alert Management Script 2.0.2 via the Login Parameter.
EPSS
Процентиль: 68%
0.00572
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89