Количество 2
Количество 2
CVE-2018-18286
SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the changepwd interface. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts.
GHSA-m7gh-xg3x-jmw6
SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the changepwd interface. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-18286 SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the changepwd interface. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts. | CVSS3: 9.8 | 1% Низкий | почти 7 лет назад |
| GHSA-m7gh-xg3x-jmw6 SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the changepwd interface. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts. | CVSS3: 9.8 | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу