ГлавнаяУязвимости → CVE-2019-25444
9.1критическая

CVE-2019-25444

Описание

Fiverr Clone Script 1.2.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the page parameter. Attackers can supply malicious SQL syntax in the page parameter to extract sensitive database information or modify database contents.

Затрагиваемое ПО
Phpscriptsmall Fiverr clone script
CVSS
Балл9.1 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Источники
https://www.exploit-db.com/exploits/46637https://www.vulncheck.com/advisories/fiverr-clone-script-sql-injection-via-page-parameter