Описание
Victor CMS v1.0 was discovered to contain a SQL injection vulnerability that allows attackers to inject arbitrary commands via 'user_firstname' parameter.
Ссылки
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:victor_cms_project:victor_cms:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00257
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
почти 4 года назад
Victor CMS v1.0 was discovered to contain a SQL injection vulnerability that allows attackers to inject arbitrary commands via 'user_firstname' parameter.
EPSS
Процентиль: 49%
0.00257
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-89