exploitDog

CVE-2021-45791

Опубликовано: 17 мар. 2022

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/member_type.php, /admin/modules/system/user_group.php, and /admin/modules/membership/index.php through the dir parameter. It can be used by remotely authenticated librarian users.

Ссылки

https://github.com/slims/slims8_akasia/issues/200
Exploit
Issue Tracking
Third Party Advisory
https://github.com/slims/slims8_akasia/issues/200
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:slims:senayan_library_management_system:8.3.1:*:*:*:*:*:*:*

EPSS

Процентиль: 54%

0.00316

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-78fh-m7pg-3hwc

CVSS3: 8.8

github

почти 4 года назад

Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin/modules/membership/member_type.php, /admin/modules/system/user_group.php, and /admin/modules/membership/index.php through the dir parameter. It can be used by remotely authenticated librarian users.

EPSS

Процентиль: 54%

0.00316

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89