Описание
An issue was discovered in Subrion CMS 4.2.1, allowing authenticated adminitrators or moderators with access to the built-in Run SQL Query feature under the SQL Tool admin panel - to gain escalated privileges in the context of the SQL query tool.
Ссылки
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:intelliants:subrion_cms:4.2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.0005
Низкий
3.8 Low
CVSS3
Дефекты
CWE-566
Связанные уязвимости
CVSS3: 6.5
github
5 месяцев назад
Subrion CMS: Authenticated administrators are able to gain escalated access through Run SQL Query tool
EPSS
Процентиль: 16%
0.0005
Низкий
3.8 Low
CVSS3
Дефекты
CWE-566