Описание
SQL injection vulnerability inSpryker Commerce OS 0.9 that allows for access to sensitive data via customer/order?orderSearchForm[searchText]=
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:spryker:commerce_os:0.9:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00151
Низкий
8.8 High
CVSS3
Дефекты
CWE-89
CWE-89
Связанные уязвимости
CVSS3: 8.8
github
почти 3 года назад
SQL injection vulnerability inSpryker Commerce OS 0.9 that allows for access to sensitive data via customer/order?orderSearchForm[searchText]=
EPSS
Процентиль: 36%
0.00151
Низкий
8.8 High
CVSS3
Дефекты
CWE-89
CWE-89