Количество 3
Количество 3
CVE-2020-13873
A SQL Injection vulnerability in get_topic_info() in sys/CODOF/Forum/Topic.php in Codoforum before 4.9 allows remote attackers (pre-authentication) to bypass the admin page via a leaked password-reset token of the admin. (As an admin, an attacker can upload a PHP shell and execute remote code on the operating system.)
GHSA-hh89-v8x4-q57w
A SQL Injection vulnerability in get_topic_info() in sys/CODOF/Forum/Topic.php in Codoforum before 4.9 allows remote attackers (pre-authentication) to bypass the admin page via a leaked password-reset token of the admin. (As an admin, an attacker can upload a PHP shell and execute remote code on the operating system.)
BDU:2021-03301
Уязвимость функции get_topic_info() (sys/CODOF/Forum/Topic.php) программного средства для создания форумов Codoforum, позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-13873 A SQL Injection vulnerability in get_topic_info() in sys/CODOF/Forum/Topic.php in Codoforum before 4.9 allows remote attackers (pre-authentication) to bypass the admin page via a leaked password-reset token of the admin. (As an admin, an attacker can upload a PHP shell and execute remote code on the operating system.) | CVSS3: 9.8 | 13% Средний | больше 4 лет назад |
| GHSA-hh89-v8x4-q57w A SQL Injection vulnerability in get_topic_info() in sys/CODOF/Forum/Topic.php in Codoforum before 4.9 allows remote attackers (pre-authentication) to bypass the admin page via a leaked password-reset token of the admin. (As an admin, an attacker can upload a PHP shell and execute remote code on the operating system.) | 13% Средний | больше 3 лет назад | |
 | BDU:2021-03301 Уязвимость функции get_topic_info() (sys/CODOF/Forum/Topic.php) программного средства для создания форумов Codoforum, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 13% Средний | больше 4 лет назад |
Уязвимостей на страницу