Описание
SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:phpgurukul:client_management_system:1.1:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.0015
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 9.8
github
почти 2 года назад
SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "searchdata" parameter.
EPSS
Процентиль: 36%
0.0015
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-89