Описание
A blind SQL injection vulnerability in search form in TeamMate+ Audit version 28.0.19.0 allows any authenticated user to create malicious SQL injections, which can result in complete database compromise, gaining information about other users, unauthorized access to audit data etc.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:wolterskluwer:teammate\+_audit:28.0.19.0:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00318
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
A blind SQL injection vulnerability in search form in TeamMate+ Audit version 28.0.19.0 allows any authenticated user to create malicious SQL injections, which can result in complete database compromise, gaining information about other users, unauthorized access to audit data etc.
EPSS
Процентиль: 54%
0.00318
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89