Описание
The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains an SQL injection vulnerability in pdf.php. If this vulnerability is exploited, information in a database may be deleted, altered, or retrieved.
Ссылки
- Third Party Advisory
- Product
- Release Notes
Уязвимые конфигурации
Конфигурация 1Версия до 5.3.3l (исключая)Версия до 5.3.3m (исключая)
Одно из
cpe:2.3:a:luxsoft:luxcal_web_calendar:*:*:sqlite:*:*:*:*:*
cpe:2.3:a:luxsoft:luxcal_web_calendar:*:*:mysql:*:*:*:*:*
EPSS
Процентиль: 11%
0.00038
Низкий
7.3 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 7.3
github
12 месяцев назад
The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains an SQL injection vulnerability in pdf.php. If this vulnerability is exploited, information in a database may be deleted, altered, or retrieved.
EPSS
Процентиль: 11%
0.00038
Низкий
7.3 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-89