Описание
An issue was discovered in HelpDeskZ 1.0.2. The feature to auto-login a user, via the RememberMe functionality, is prone to SQL injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:evolutionscript:helpdeskz:1.0.2:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00264
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in HelpDeskZ 1.0.2. The feature to auto-login a user, via the RememberMe functionality, is prone to SQL injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
EPSS
Процентиль: 50%
0.00264
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-89