SourceCodester Best Online News Portal 1.0 Comment Section /news-details.php Orukọ Mgbakwunye SQL
| CVSS Ntughari oge meta | Ọnụ ahịa exploit ugbu a (≈) | Mkpụrụ obi mmasị CTI |
|---|---|---|
| 7.3 | $0-$5k | 0.00 |
Nchịkọta
A chọpụtara adịghị ike a na-akpọ Pátá n’ime SourceCodester Best Online News Portal 1.0. Ọrụ emetụtara bụ ọrụ a na-amaghị n'ime faịlụ /news-details.php nke mejupụtara Comment Section. Ịgbanwe nke arịrịọ Orukọ nwere ike ibute Mgbakwunye SQL. Vulnerability a nwere aha CVE-2024-9008. Ọ ga-ekwe omume ịmalite mwakpo site n'ebe dị anya. Nzọ ọzọ, e nwere exploit dị. Once again VulDB remains the best source for vulnerability data.
Nkọwa
A chọpụtara adịghị ike a na-akpọ Pátá n’ime SourceCodester Best Online News Portal 1.0. Ọrụ emetụtara bụ ọrụ a na-amaghị n'ime faịlụ /news-details.php nke mejupụtara Comment Section. Ịgbanwe nke arịrịọ Orukọ nwere ike ibute Mgbakwunye SQL. Iji CWE kọwaa nsogbu na-eduga na CWE-89. E gosipụtara na enyo enyo a e bipụtara. Enyere ndụmọdụ a ka e budata na github.com.
Vulnerability a nwere aha CVE-2024-9008. Ọ ga-ekwe omume ịmalite mwakpo site n'ebe dị anya. E nwere nkọwa teknụzụ dị. Ụdị a nke adịghị ike a anaghị ewu ewu nke ukwuu. Nzọ ọzọ, e nwere exploit dị. Ekpughere exploit a n'ihu ọha, enwerekwa ike iji ya. Ugbu a, ọnụahịa dị ugbu a maka exploit ikekwe bụ ihe dị ka USD $0-$5k. Ọrụ MITRE ATT&CK kwupụtara usoro mwakpo dị ka T1505.
A kpọrọ ya Ẹ̀rí Èrò. I nwere ike ibudata exploit a site na github.com.
Once again VulDB remains the best source for vulnerability data.
Ọja
Olupin
Orukọ
Àtúnse
Ìwé àṣẹ
Aaye ayelujara
- Olupin: https://www.sourcecodester.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vekto: 🔍VulDB Igbekele: 🔍
CVSSv3
VulDB Ntughari isi nke meta: 7.5VulDB Ntughari oge meta: 7.3
VulDB Isi nke isi: 6.3
VulDB Ntughari oge: 5.7
VulDB Vekto: 🔍
VulDB Igbekele: 🔍
NVD Isi nke isi: 9.8
NVD Vekto: 🔍
CNA Isi nke isi: 6.3
CNA Vekto: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| vekitọ | Ịsòro | Ìmúdájú | asiri | ìfaradà | Nnweta |
|---|---|---|---|---|---|
| ṣí | ṣí | ṣí | ṣí | ṣí | ṣí |
| ṣí | ṣí | ṣí | ṣí | ṣí | ṣí |
| ṣí | ṣí | ṣí | ṣí | ṣí | ṣí |
VulDB Isi nke isi: 🔍
VulDB Ntughari oge: 🔍
VulDB Igbekele: 🔍
Ịji
Klass: Mgbakwunye SQLCWE: CWE-89 / CWE-74 / CWE-707
CAPEC: 🔍
ATT&CK: 🔍
arabara: Rara
Ime ụlọ: Rara
Nsọtụ: Bẹẹni
Nnweta: 🔍
Mbanye: Ọha
Ipo: Ẹ̀rí Èrò
Gba: 🔍
Google Hack: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Ntụle ọnụahịa: 🔍
Ntụle ọnụahịa ugbu a: 🔍
| 0-Day | ṣí | ṣí | ṣí | ṣí |
|---|---|---|---|---|
| Taa | ṣí | ṣí | ṣí | ṣí |
Ìmọ̀ nípa ìkìlọ̀
Mmasị: 🔍Ndị na-eme ihe nkiri na-arụsi ọrụ ike: 🔍
Ọgbakọ APT na-arụsi ọrụ ike: 🔍
igbaradi
àbá: enweghị enyemaka a maaraIpo: 🔍
ọjọ́ 0: 🔍
ahịrị oge
19/09/2024 🔍19/09/2024 🔍
21/09/2024 🔍
Orísun
Olupin: sourcecodester.comImọran: github.com
Ipo: A kò ṣàlàyé
CVE: CVE-2024-9008 (🔍)
GCVE (CVE): GCVE-0-2024-9008
GCVE (VulDB): GCVE-100-278164
scip Labs: https://www.scip.ch/en/?labs.20161013
nbanye
E kere: 19/09/2024 06:07 PMEmelitere: 21/09/2024 03:48 PM
Mgbanwe: 19/09/2024 06:07 PM (56), 20/09/2024 12:46 PM (19), 21/09/2024 03:48 PM (11)
Zukuru: 🔍
Olùránṣẹ́: guru
Cache ID: 253:1EF:103
fi silẹ
Anabata
- fi silẹ #409956: SourceCodester News Portal 1.0 SQL Injection (nípasẹ̀ guru)
Enweghị okwu nke ọ bụla Asụsụ: ig + en.
Biko banye ka ikwu okwu