Количество 2
Количество 2
CVE-2019-10763
pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via 'id', 'storeId', 'pageSize' and 'tables' parameters, using a payload for trigger a time based or error based sql injection.
GHSA-fpff-384j-vxq7
Data leakage via SQL Injection in Pimcore
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-10763 pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via 'id', 'storeId', 'pageSize' and 'tables' parameters, using a payload for trigger a time based or error based sql injection. | CVSS3: 6.5 | 0% Низкий | около 6 лет назад |
| GHSA-fpff-384j-vxq7 Data leakage via SQL Injection in Pimcore | CVSS3: 6.5 | 0% Низкий | около 6 лет назад |
Уязвимостей на страницу