Описание
A vulnerability has been found in DedeBIZ up to 6.3.2. This impacts an unknown function of the file /admin/templets_one_edit.php. The manipulation of the argument ids leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
Ссылки
- Broken Link
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Broken Link
Уязвимые конфигурации
Конфигурация 1Версия до 6.3.2 (включая)
cpe:2.3:a:dedebiz:dedebiz:*:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00034
Низкий
4.7 Medium
CVSS3
7.2 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-74
CWE-89
Связанные уязвимости
CVSS3: 4.7
github
3 месяца назад
A vulnerability has been found in DedeBIZ up to 6.3.2. This impacts an unknown function of the file /admin/templets_one_edit.php. The manipulation of the argument ids leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 10%
0.00034
Низкий
4.7 Medium
CVSS3
7.2 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-74
CWE-89