Описание
A flaw has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modify.php of the component Parameter Handler. This manipulation of the argument firstName causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used.
Ссылки
- Product
- ExploitIssue TrackingMitigationThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Permissions RequiredVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:code-projects:simple_laundry_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 7%
0.00026
Низкий
7.3 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-74
Связанные уязвимости
CVSS3: 7.3
github
7 дней назад
A flaw has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modify.php of the component Parameter Handler. This manipulation of the argument firstName causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used.
EPSS
Процентиль: 7%
0.00026
Низкий
7.3 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-74