exploitDog

CVE-2024-9037

Опубликовано: 20 сент. 2024

Источник: nvd

CVSS3: 7.3

CVSS2: 7.5

EPSS Низкий

Описание

A vulnerability classified as critical has been found in Codezips Internal Marks Calculation 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Ссылки

https://github.com/L1OudFd8cl09/CVE/blob/main/20_09_2024_a.md
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.278208
Permissions Required
VDB Entry
https://vuldb.com/?id.278208
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.411461
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:codezips:internal_marks_calculation:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 21%

0.00067

Низкий

7.3 High

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89

EPSS

Процентиль: 21%

0.00067

Низкий

7.3 High

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89