Описание
A SQL Injection was found in loginsystem/change-password.php in PHPGurukul User Registration & Login and User Management System v3.3 allows remote attackers to execute arbitrary code via the currentpassword POST request parameter.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:phpgurukul:user_registration_\&_login_and_user_management_system:3.3:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00096
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 6.1
github
11 месяцев назад
A SQL Injection was found in loginsystem/change-password.php in PHPGurukul User Registration & Login and User Management System v3.3 allows remote attackers to execute arbitrary code via the currentpassword POST request parameter.
EPSS
Процентиль: 27%
0.00096
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-89