Описание
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform command line execution through SQL Injection due to improper neutralization of special elements used in an OS command.
Ссылки
- Product
- Product
- Third Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия от 16.0.1.1663 (включая) до 24.0.1.2405 (включая)
cpe:2.3:a:horizoncloud:caterease:*:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06596
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform command line execution through SQL Injection due to improper neutralization of special elements used in an OS command.
EPSS
Процентиль: 91%
0.06596
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-78