exploitDog

CVE-2022-28552

Опубликовано: 04 мая 2022

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

Cscms 4.1 is vulnerable to SQL Injection. Log into the background, open the song module, create a new song, delete it to the recycle bin, and SQL injection security problems will occur when emptying the recycle bin.

Ссылки

https://github.com/chshcms/cscms/issues/10
Exploit
Issue Tracking
Third Party Advisory
https://github.com/chshcms/cscms/issues/10
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:chshcms:cscms:4.1:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.00239

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-mrjj-g7f8-98cg

CVSS3: 8.8

github

почти 4 года назад

Cscms 4.1 is vulnerable to SQL Injection. Log into the background, open the song module, create a new song, delete it to the recycle bin, and SQL injection security problems will occur when emptying the recycle bin.

EPSS

Процентиль: 47%

0.00239

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89