Описание
SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated attacker to execute arbitrary code via the DB_RECORD_TABLE parameter.
Ссылки
- Issue Tracking
- Release Notes
- Third Party Advisory
- Issue Tracking
- Release Notes
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:wbce:wbce_cms:1.6.0:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.73316
Высокий
9.8 Critical
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 9.8
github
около 2 лет назад
SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated attacker to execute arbitrary code via the DB_RECORD_TABLE parameter.
EPSS
Процентиль: 99%
0.73316
Высокий
9.8 Critical
CVSS3
Дефекты
CWE-89