Описание
A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file setgeneral.php. The manipulation of the argument sitename/email/mobile/sms/currency leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271456.
Ссылки
- Exploit
- Permissions Required
- Third Party Advisory
- Third Party Advisory
- Exploit
- Permissions Required
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
EPSS
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file setgeneral.php. The manipulation of the argument sitename/email/mobile/sms/currency leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271456.
Уязвимость файла setgeneral.php системы управления швейным цехом Tailoring Management System (TMS), позволяющая нарушителю выполнить произвольный SQL-код, получить несанкционированный доступ на чтение, изменение или удаление данных или вызвать отказ в обслуживании
EPSS
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2