CVE-2020-3937

Опубликовано: 04 фев. 2020

Источник: nvd

CVSS3: 8.1

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

SQL Injection in SysJust Syuan-Gu-Da-Shih, versions before 20191223, allowing attackers to perform unwanted SQL queries and access arbitrary file in the database.

Ссылки

https://tvn.twcert.org.tw/taiwanvn/TVN-201910013
Third Party Advisory
https://www.chtsecurity.com/news/a791f509-9782-4be1-b71f-22fc619f8215
Third Party Advisory
https://tvn.twcert.org.tw/taiwanvn/TVN-201910013
Third Party Advisory
https://www.chtsecurity.com/news/a791f509-9782-4be1-b71f-22fc619f8215
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sysjust:syuan-gu-da-shin:*:*:*:*:*:*:*:*

Версия до 20191223 (исключая)

EPSS

Процентиль: 56%

0.00334

Низкий

8.1 High

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-v4ff-5p6c-h76r

CVSS3: 7.5

github

больше 3 лет назад

SQL Injection in SysJust Syuan-Gu-Da-Shih, versions before 20191223, allowing attackers to perform unwanted SQL queries and access arbitrary file in the database.

EPSS

Процентиль: 56%

0.00334

Низкий

8.1 High

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-89