Количество 2
Количество 2
CVE-2022-24637
Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '<?php (instead of the intended "<?php sequence) aren't handled by the PHP interpreter.
GHSA-pr9q-v585-qv2w
Improper Privilege Management in Open Web Analytics
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-24637 Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '<?php (instead of the intended "<?php sequence) aren't handled by the PHP interpreter. | CVSS3: 9.8 | 94% Критический | почти 4 года назад |
| GHSA-pr9q-v585-qv2w Improper Privilege Management in Open Web Analytics | CVSS3: 9.8 | 94% Критический | почти 4 года назад |
Уязвимостей на страницу