Количество 2
Количество 2
CVE-2024-35374
больше 1 года назад
Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sql_case input field in /web/generate.php, allowing remote attackers to execute arbitrary commands and potentially command injection, leading to remote code execution (RCE) under certain conditions.
CVSS3: 9.8
EPSS: Низкий
GHSA-j6cv-98jx-mrwr
больше 1 года назад
Mocodo vulnerable to SQL injection in `/web/generate.php`
CVSS3: 9.8
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-35374 Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sql_case input field in /web/generate.php, allowing remote attackers to execute arbitrary commands and potentially command injection, leading to remote code execution (RCE) under certain conditions. | CVSS3: 9.8 | 6% Низкий | больше 1 года назад |
| GHSA-j6cv-98jx-mrwr Mocodo vulnerable to SQL injection in `/web/generate.php` | CVSS3: 9.8 | 6% Низкий | больше 1 года назад |
Уязвимостей на страницу
20