exploitDog

CVE-2021-36431

Опубликовано: 03 фев. 2023

Источник: nvd

CVSS3: 9.1

EPSS Низкий

Описание

SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via jo_json_check() function in jocms/apps/mask/inc/mask.php.

Ссылки

https://github.com/mxgbr/jocms/issues/6
Exploit
Issue Tracking
Third Party Advisory
https://github.com/mxgbr/jocms/issues/6
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jocms_project:jocms:0.8:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00059

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-89

CWE-89

Связанные уязвимости

GHSA-q8vx-hrfr-v7f5

CVSS3: 9.1

github

около 3 лет назад

SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via jo_json_check() function in jocms/apps/mask/inc/mask.php.

EPSS

Процентиль: 18%

0.00059

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-89

CWE-89