exploitDog

CVE-2024-37873

Опубликовано: 09 июл. 2024

Источник: nvd

CVSS3: 9.8

CVSS3: 9.1

EPSS Низкий

Описание

SQL injection vulnerability in view_payslip.php in Itsourcecode Payroll Management System Project In PHP With Source Code 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Ссылки

https://github.com/TThuyyy/cve1/issues/2
Exploit
Technical Description
Third Party Advisory
https://github.com/TThuyyy/cve1/issues/2
Exploit
Technical Description
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:itsourcecode:payroll_management_system_project_in_php_with_source_code:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.00239

Низкий

9.8 Critical

CVSS3

9.1 Critical

CVSS3

Дефекты

CWE-89

CWE-89

Связанные уязвимости

GHSA-g434-vgfp-rh6m

CVSS3: 9.1

github

больше 1 года назад

SQL injection vulnerability in view_payslip.php in Itsourcecode Payroll Management System Project In PHP With Source Code 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

EPSS

Процентиль: 47%

0.00239

Низкий

9.8 Critical

CVSS3

9.1 Critical

CVSS3

Дефекты

CWE-89

CWE-89