ГлавнаяУязвимости → CVE-2024-37872
8.1высокая

CVE-2024-37872

Описание

SQL injection vulnerability in process.php in Itsourcecode Billing System in PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.

Затрагиваемое ПО
Angeljudesuarez Billing system
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Источники
https://github.com/TThuyyy/cve1/issues/4https://github.com/TThuyyy/cve1/issues/4