exploitDog

CVE-2023-43836

Опубликовано: 02 окт. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

There is a SQL injection vulnerability in the Jizhicms 2.4.9 backend, which users can use to obtain database information

Ссылки

https://gist.github.com/Fliggyaaa/417f8335ce0f0546e95dda91d4b54604
Third Party Advisory
https://github.com/Fliggyaaa/jizhicmssql/
Exploit
https://gist.github.com/Fliggyaaa/417f8335ce0f0546e95dda91d4b54604
Third Party Advisory
https://github.com/Fliggyaaa/jizhicmssql/
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jizhicms:jizhicms:2.4.9:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00058

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-684c-fmh3-cpgp

CVSS3: 6.5

github

больше 2 лет назад

There is a SQL injection vulnerability in the Jizhicms 2.4.9 backend, which users can use to obtain database information

EPSS

Процентиль: 18%

0.00058

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-89