Описание
SQL injection vulnerability in WinPlus v24.11.27 by Informática del Este. This vulnerability allows an attacker recover, create, update an delete databases by sendng a POST request using the parameters 'val1' and 'cont in '/WinplusPortal/ws/sWinplus.svc/json/getacumper_post'.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:iest:winplus:24.11.27:*:*:*:-:*:*:*
EPSS
Процентиль: 12%
0.00039
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 9.8
github
3 месяца назад
SQL injection vulnerability in WinPlus v24.11.27 by Informática del Este. This vulnerability allows an attacker recover, create, update an delete databases by sendng a POST request using the parameters 'val1' and 'cont in '/WinplusPortal/ws/sWinplus.svc/json/getacumper_post'.
EPSS
Процентиль: 12%
0.00039
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-89