Описание
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file Source/librarian/user/student/lost-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-254618 is the identifier assigned to this vulnerability.
Ссылки
- ExploitThird Party Advisory
- Permissions RequiredThird Party Advisory
- Permissions RequiredThird Party Advisory
- ExploitThird Party Advisory
- Permissions RequiredThird Party Advisory
- Permissions RequiredThird Party Advisory
Уязвимые конфигурации
EPSS
7.3 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file Source/librarian/user/student/lost-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-254618 is the identifier assigned to this vulnerability.
EPSS
7.3 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2