Описание
SQL Injection vulnerability in SEO Panel 4.9.0 in api/user.api.php in function getUserName in the username parameter, allows attackers to gain sensitive information.
Ссылки
- ExploitThird Party Advisory
- ExploitVendor Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- ExploitVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:seopanel:seo_panel:4.9.0:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00912
Низкий
7.5 High
CVSS3
Дефекты
CWE-89
CWE-89
Связанные уязвимости
CVSS3: 7.5
github
почти 3 года назад
SQL Injection vulnerability in SEO Panel 4.9.0 in api/user.api.php in function getUserName in the username parameter, allows attackers to gain sensitive information.
EPSS
Процентиль: 75%
0.00912
Низкий
7.5 High
CVSS3
Дефекты
CWE-89
CWE-89