CVE-2023-2660

Опубликовано: 11 мая 2023

Источник: nvd

CVSS3: 6.3

CVSS3: 9.8

CVSS2: 6.5

EPSS Низкий

Описание

A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file view_categories.php. The manipulation of the argument c leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228802 is the identifier assigned to this vulnerability.

Ссылки

https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#4sql-injection-vulnerability-in-view_categoriesphp
Exploit
https://vuldb.com/?ctiid.228802
Permissions Required
Third Party Advisory
VDB Entry
https://vuldb.com/?id.228802
Third Party Advisory
VDB Entry
https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#4sql-injection-vulnerability-in-view_categoriesphp
Exploit
https://vuldb.com/?ctiid.228802
Permissions Required
Third Party Advisory
VDB Entry
https://vuldb.com/?id.228802
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.00052

Низкий

6.3 Medium

CVSS3

9.8 Critical

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

CWE-79

Связанные уязвимости

GHSA-pm6r-6p9q-w5rf

CVSS3: 6.3

github

больше 2 лет назад

EPSS

Процентиль: 16%

0.00052

Низкий

6.3 Medium

CVSS3

9.8 Critical

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

CWE-79