exploitDog

CVE-2020-18081

Опубликовано: 17 дек. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query.

Ссылки

https://github.com/cve-vul/vul/blob/master/SEMCMS/backstage_access_control.md
Exploit
Third Party Advisory
https://github.com/cve-vul/vul/blob/master/SEMCMS/backstage_access_control.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sem-cms:semcms:3.8:*:*:*:*:*:*:*

EPSS

Процентиль: 54%

0.00318

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-fqr6-9963-4974

github

около 4 лет назад

The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query.

EPSS

Процентиль: 54%

0.00318

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-89