Описание
SQL Injection vulnerability in Future-Depth Institutional Management Website (IMS) 1.0, allows attackers to execute arbitrary commands via the ad parameter to /admin_area/login_transfer.php.
Ссылки
- ExploitIssue TrackingVendor Advisory
- ExploitIssue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:institutional_management_website_project:institutional_management_website:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.0036
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-89
CWE-89
Связанные уязвимости
CVSS3: 9.8
github
почти 3 года назад
SQL Injection vulnerability in Future-Depth Institutional Management Website (IMS) 1.0, allows attackers to execute arbitrary commands via the ad parameter to /admin_area/login_transfer.php.
EPSS
Процентиль: 58%
0.0036
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-89
CWE-89