exploitDog

CVE-2023-27779

Опубликовано: 13 апр. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

AM Presencia v3.7.3 was discovered to contain a SQL injection vulnerability via the user parameter in the login form.

Ссылки

http://alo.com
Not Applicable
https://amsystem.es/
Product
https://docs.google.com/document/d/1kGzmc6AOCfRzJf9mDz4emkhQj84Y1XemmAMZjYK32-o/edit?usp=sharing
Exploit
Third Party Advisory
https://portalempleado.alosuite.com/home
Not Applicable
http://alo.com
Not Applicable
https://amsystem.es/
Product
https://docs.google.com/document/d/1kGzmc6AOCfRzJf9mDz4emkhQj84Y1XemmAMZjYK32-o/edit?usp=sharing
Exploit
Third Party Advisory
https://portalempleado.alosuite.com/home
Not Applicable

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:amsystem:am_presencia:3.7.3:*:*:*:*:*:*:*

EPSS

Процентиль: 33%

0.0013

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89

CWE-89

Связанные уязвимости

GHSA-c87m-fg5p-pc54

CVSS3: 9.8

github

почти 3 года назад

AM Presencia v3.7.3 was discovered to contain a SQL injection vulnerability via the user parameter in the login form.

EPSS

Процентиль: 33%

0.0013

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89

CWE-89