Описание
A vulnerability was determined in SiempreCMS up to 1.3.6. This affects an unknown part of the file user_search_ajax.php. This manipulation of the argument name/userName causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
EPSS
Процентиль: 5%
0.0002
Низкий
7.3 High
CVSS3
7.5 High
CVSS2
Дефекты
CWE-74
Связанные уязвимости
CVSS3: 7.3
github
5 месяцев назад
A vulnerability was determined in SiempreCMS up to 1.3.6. This affects an unknown part of the file user_search_ajax.php. This manipulation of the argument name/userName causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
EPSS
Процентиль: 5%
0.0002
Низкий
7.3 High
CVSS3
7.5 High
CVSS2
Дефекты
CWE-74