exploitDog

CVE-2019-17612

Опубликовано: 15 окт. 2019

Источник: nvd

CVSS3: 7.2

CVSS2: 6.5

EPSS Низкий

Описание

An issue was discovered in 74CMS v5.2.8. There is a SQL Injection generated by the _list method in the Common/Controller/BackendController.class.php file via the index.php?m=Admin&c=Ad&a=category sort parameter.

Ссылки

https://github.com/Ers4tz/vuln/blob/master/74cms_5.2.8_SQLI.md
Exploit
Third Party Advisory
https://github.com/Ers4tz/vuln/blob/master/74cms_5.2.8_SQLI.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:74cms:74cms:5.2.8:*:*:*:*:*:*:*

EPSS

Процентиль: 53%

0.00303

Низкий

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-p7fg-6vqv-fphv

CVSS3: 7.2

github

больше 3 лет назад

An issue was discovered in 74CMS v5.2.8. There is a SQL Injection generated by the _list method in the Common/Controller/BackendController.class.php file via the index.php?m=Admin&c=Ad&a=category sort parameter.

EPSS

Процентиль: 53%

0.00303

Низкий

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89