exploitDog

CVE-2024-8161

Опубликовано: 26 авг. 2024

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

SQL injection vulnerability in ATISolutions CIGES affecting versions lower than 2.15.5. This vulnerability allows a remote attacker to send a specially crafted SQL query to the /modules/ajaxServiciosCentro.php point in the idCentro parameter and retrieve all the information stored in the database.

Ссылки

https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-vulnerability-cigesv2-system

EPSS

Процентиль: 67%

0.0054

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-wj96-5g7r-c538

CVSS3: 9.8

github

больше 1 года назад

SQL injection vulnerability in ATISolutions CIGES affecting versions lower than 2.15.5. This vulnerability allows a remote attacker to send a specially crafted SQL query to the /modules/ajaxServiciosCentro.php point in the idCentro parameter and retrieve all the information stored in the database.

EPSS

Процентиль: 67%

0.0054

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89