Описание
A vulnerability, which was classified as critical, has been found in FoxCMS up to 1.2.5. This issue affects the function batchCope of the file app/admin/controller/Download.php. The manipulation of the argument ids leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 5%
0.00026
Низкий
6.3 Medium
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-74
Связанные уязвимости
CVSS3: 6.3
github
3 дня назад
A vulnerability, which was classified as critical, has been found in FoxCMS up to 1.2.5. This issue affects the function batchCope of the file app/admin/controller/Download.php. The manipulation of the argument ids leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 5%
0.00026
Низкий
6.3 Medium
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-74