Описание
DBHcms v1.2.0 has an unauthorized operation vulnerability because there's no access control at line 175 of dbhcms\page.php for empty cache operation. This vulnerability can be exploited to empty a table.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:dbhcms_project:dbhcms:1.2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 43%
0.00206
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
DBHcms v1.2.0 has an unauthorized operation vulnerability because there's no access control at line 175 of dbhcms\page.php for empty cache operation. This vulnerability can be exploited to empty a table.
EPSS
Процентиль: 43%
0.00206
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-287