CVE-2023-0673

Опубликовано: 04 фев. 2023

Источник: nvd

CVSS3: 5

CVSS3: 8.1

CVSS2: 4.6

EPSS Низкий

Описание

A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is an unknown functionality of the file oews/?p=products/view_product.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The associated identifier of this vulnerability is VDB-220195.

Ссылки

https://vuldb.com/?ctiid.220195
Permissions Required
Third Party Advisory
https://vuldb.com/?id.220195
Third Party Advisory
https://vuldb.com/?ctiid.220195
Permissions Required
Third Party Advisory
https://vuldb.com/?id.220195
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oretnom23:online_eyewear_shop:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00056

Низкий

5 Medium

CVSS3

8.1 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-x4xq-q49r-j29g

CVSS3: 9.8

github

около 3 лет назад

A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is an unknown functionality of the file oews/products/view_product.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-220195.

EPSS

Процентиль: 18%

0.00056

Низкий

5 Medium

CVSS3

8.1 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-89