Количество 2
Количество 2
CVE-2024-57587
Multiple SQL injection vulnerabilities in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote unauthenticated attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to /api/auth/login.
GHSA-254v-c952-g64w
EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to SQL Injection on the authentication portal.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-57587 Multiple SQL injection vulnerabilities in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote unauthenticated attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to /api/auth/login. | CVSS3: 9.1 | 0% Низкий | 7 месяцев назад |
| GHSA-254v-c952-g64w EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to SQL Injection on the authentication portal. | CVSS3: 7.5 | 0% Низкий | 7 месяцев назад |
Уязвимостей на страницу