CVE-2023-1293

Опубликовано: 09 мар. 2023

Источник: nvd

CVSS3: 5

CVSS3: 8.1

CVSS2: 4.6

EPSS Низкий

Описание

A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. This issue affects the function mysqli_query of the file admin_cs.php. The manipulation leads to sql injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222647.

Ссылки

https://blog.csdn.net/weixin_43864034/article/details/129418770
Broken Link
https://vuldb.com/?ctiid.222647
Third Party Advisory
https://vuldb.com/?id.222647
Third Party Advisory
https://blog.csdn.net/weixin_43864034/article/details/129418770
Broken Link
https://vuldb.com/?ctiid.222647
Third Party Advisory
https://vuldb.com/?id.222647
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:online_graduate_tracer_system_project:online_graduate_tracer_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 17%

0.00055

Низкий

5 Medium

CVSS3

8.1 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-689x-h5c5-3rx4

CVSS3: 9.8

github

почти 3 года назад

A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. This issue affects the function mysqli_query of the file admin_cs.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222647.

EPSS

Процентиль: 17%

0.00055

Низкий

5 Medium

CVSS3

8.1 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-89