CVE-2024-5361

Опубликовано: 26 мая 2024

Источник: nvd

CVSS3: 6.3

CVSS3: 7.2

CVSS2: 6.5

EPSS Низкий

Описание

A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. This issue affects some unknown processing of the file /admin/normal-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-266273 was assigned to this vulnerability.

Ссылки

https://vuldb.com/?ctiid.266273
Permissions Required
VDB Entry
https://vuldb.com/?id.266273
Permissions Required
VDB Entry
https://vuldb.com/?submit.343886
VDB Entry
https://www.yuque.com/yuqueyonghunhj6tg/ygf5oy/gotd8yz2e0ed9gof
Broken Link
https://vuldb.com/?ctiid.266273
Permissions Required
VDB Entry
https://vuldb.com/?id.266273
Permissions Required
VDB Entry
https://vuldb.com/?submit.343886
VDB Entry
https://www.yuque.com/yuqueyonghunhj6tg/ygf5oy/gotd8yz2e0ed9gof
Broken Link

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpgurukul:zoo_management_system:2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 22%

0.00073

Низкий

6.3 Medium

CVSS3

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

EPSS

Процентиль: 22%

0.00073

Низкий

6.3 Medium

CVSS3

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89