Описание
A security vulnerability has been detected in SourceCodester Inventory Management System 1.0. The affected element is an unknown function of the component SVC Report Export. Such manipulation leads to csv injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.
Ссылки
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitMitigationThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:warren-daloyan:inventory_management_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 13%
0.00042
Низкий
4.7 Medium
CVSS3
8 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-74
CWE-1236
Связанные уязвимости
CVSS3: 4.7
github
2 месяца назад
A security vulnerability has been detected in SourceCodester Inventory Management System 1.0. The affected element is an unknown function of the component SVC Report Export. Such manipulation leads to csv injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.
EPSS
Процентиль: 13%
0.00042
Низкий
4.7 Medium
CVSS3
8 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-74
CWE-1236