Описание
6SHR system from Gether Technology does not properly validate the specific page parameter, allowing remote attackers with regular privilege to inject SQL command to read, modify, and delete database contents.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:6shr_system_project:6shr_system:*:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02589
Низкий
8.8 High
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 8.8
github
больше 1 года назад
6SHR system from Gether Technology does not properly validate the specific page parameter, allowing remote attackers with regular privilege to inject SQL command to read, modify, and delete database contents.
EPSS
Процентиль: 85%
0.02589
Низкий
8.8 High
CVSS3
Дефекты
CWE-89