exploitDog

CVE-2023-44267

Опубликовано: 26 окт. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Online Art Gallery v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'lnm' parameter of the header.php resource does not validate the characters received and they are sent unfiltered to the database.

Ссылки

https://fluidattacks.com/advisories/ono
Exploit
Third Party Advisory
https://https://projectworlds.in/
Broken Link
https://fluidattacks.com/advisories/ono
Exploit
Third Party Advisory
https://https://projectworlds.in/
Broken Link

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:projectworlds:online_art_gallery:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00085

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-pqpq-95jv-jqmc

CVSS3: 9.8

github

больше 2 лет назад

Online Art Gallery v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'lnm' parameter of the header.php resource does not validate the characters received and they are sent unfiltered to the database.

EPSS

Процентиль: 25%

0.00085

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89