exploitDog

CVE-2024-48427

Опубликовано: 24 окт. 2024

Источник: nvd

CVSS3: 8.8

CVSS3: 8.1

EPSS Средний

Описание

A SQL injection vulnerability in Sourcecodester Packers and Movers Management System v1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in /mpms/admin/?page=services/manage_service&id

Ссылки

https://github.com/vighneshnair7/CVE-2024-48427/blob/main/README.md
Third Party Advisory
https://www.sourcecodester.com/php/15360/packers-and-movers-management-system-phpoop-free-source-code.html
Broken Link
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oretnom23:packers_and_movers_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.13386

Средний

8.8 High

CVSS3

8.1 High

CVSS3

Дефекты

CWE-89

CWE-89

Связанные уязвимости

GHSA-4pxm-mf9w-2x55

CVSS3: 8.1

github

больше 1 года назад

A SQL injection vulnerability in Sourcecodester Packers and Movers Management System v1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in /mpms/admin/?page=services/manage_service&id

EPSS

Процентиль: 94%

0.13386

Средний

8.8 High

CVSS3

8.1 High

CVSS3

Дефекты

CWE-89

CWE-89