code-projects Farmacia ଯେପର୍ଯ୍ୟନ୍ତ 1.0 pagamento.php notaFiscal SQL ଇଞ୍ଜେକ୍ସନ

Rakkoon nageenyaa kan ଜଟିଳ jedhamuun beekamu code-projects Farmacia ଯେପର୍ଯ୍ୟନ୍ତ 1.0 keessatti argameera. Miidhaan irra gahe is hojii hin beekamne faayilii pagamento.php keessa. Dhugumatti jijjiirraa irratti raawwatame notaFiscal gara SQL ଇଞ୍ଜେକ୍ସନ geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-89 si geessa. Beekumsi kun yeroo 11/28/2024 ifoomsifameera. Odeeffannoon kun buufachuuf github.com irratti dhiyaateera. Dogoggorri kun maqaa CVE-2024-11968 jedhuun tajaajilama. Weerara fageenya irraa jalqabuun ni danda'ama. Odeeffannoon teeknikaa ni argama. Meeshaa balaa kana fayyadamuuf hin argamne. Yeroo ammaa, gatii exploit might be approx. USD $0-$5k beekamuu danda'a. ଅପରିଭାଷିତ jedhamee murtaa’eera. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $0-$5k jedhamee tilmaamame. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

5 ଆଡାପ୍ଟେସନ୍ · 119 ପଏଣ୍ଟ

ଫିଲ୍ଡସୃଷ୍ଟି ହୋଇଛି
11/28/2024 10:24 AM		ଅଦ୍ୟତନ 1/4
11/28/2024 02:22 PM		ଅଦ୍ୟତନ 2/4
11/28/2024 02:25 PM		ଅଦ୍ୟତନ 3/4
11/28/2024 10:24 PM		ଅଦ୍ୟତନ 4/4
12/03/2024 11:12 PM
software_vendorcode-projectscode-projectscode-projectscode-projectscode-projects
software_nameFarmaciaFarmaciaFarmaciaFarmaciaFarmacia
software_version<=1.0<=1.0<=1.0<=1.0<=1.0
software_filepagamento.phppagamento.phppagamento.phppagamento.phppagamento.php
software_argumentnotaFiscalnotaFiscalnotaFiscalnotaFiscalnotaFiscal
vulnerability_cweCWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)CWE-89 (SQL ଇଞ୍ଜେକ୍ସନ)
vulnerability_risk22222
cvss3_vuldb_avNNNNN
cvss3_vuldb_acLLLLL
cvss3_vuldb_uiNNNNN
cvss3_vuldb_sUUUUU
cvss3_vuldb_cLLLLL
cvss3_vuldb_iLLLLL
cvss3_vuldb_aLLLLL
cvss3_vuldb_rcRRRRR
advisory_urlhttps://github.com/xiaobai19198/cve/blob/main/sql-cve.mdhttps://github.com/xiaobai19198/cve/blob/main/sql-cve.mdhttps://github.com/xiaobai19198/cve/blob/main/sql-cve.mdhttps://github.com/xiaobai19198/cve/blob/main/sql-cve.mdhttps://github.com/xiaobai19198/cve/blob/main/sql-cve.md
source_cveCVE-2024-11968CVE-2024-11968CVE-2024-11968CVE-2024-11968CVE-2024-11968
cna_responsibleVulDBVulDBVulDBVulDBVulDB
software_typeProject Management SoftwareProject Management SoftwareProject Management SoftwareProject Management SoftwareProject Management Software
cvss2_vuldb_avNNNNN
cvss2_vuldb_acLLLLL
cvss2_vuldb_ciPPPPP
cvss2_vuldb_iiPPPPP
cvss2_vuldb_aiPPPPP
cvss2_vuldb_rcURURURURUR
cvss4_vuldb_avNNNNN
cvss4_vuldb_acLLLLL
cvss4_vuldb_uiNNNNN
cvss4_vuldb_vcLLLLL
cvss4_vuldb_viLLLLL
cvss4_vuldb_vaLLLLL
cvss2_vuldb_auSSSSS
cvss2_vuldb_eNDNDNDNDND
cvss2_vuldb_rlNDNDNDNDND
cvss3_vuldb_prLLLLL
cvss3_vuldb_eXXXXX
cvss3_vuldb_rlXXXXX
cvss4_vuldb_atNNNNN
cvss4_vuldb_prLLLLL
cvss4_vuldb_scNNNNN
cvss4_vuldb_siNNNNN
cvss4_vuldb_saNNNNN
cvss4_vuldb_eXXXXX
cvss2_vuldb_basescore6.56.56.56.56.5
cvss2_vuldb_tempscore6.26.26.26.26.2
cvss3_vuldb_basescore6.36.36.36.36.3
cvss3_vuldb_tempscore6.16.16.16.16.1
cvss3_meta_basescore6.36.38.17.57.5
cvss3_meta_tempscore6.16.17.67.27.3
cvss4_vuldb_bscore5.35.35.35.35.3
cvss4_vuldb_btscore5.35.35.35.35.3
advisory_date1732748400 (11/28/2024)1732748400 (11/28/2024)1732748400 (11/28/2024)1732748400 (11/28/2024)1732748400 (11/28/2024)
price_0day$0-$5k$0-$5k$0-$5k$0-$5k$0-$5k
cvss2_researcher_aiCCCC
cvss3_researcher_avNNNN
cvss3_researcher_rcCCCC
cvss2_researcher_ciCCCC
cvss3_researcher_acLLLL
cvss3_researcher_uiNNNN
cvss3_researcher_aHHHH
cvss3_researcher_rlWWWW
cvss2_researcher_iiCCCC
cvss3_researcher_prNNNN
cvss3_researcher_iHHHH
cvss3_researcher_ePPPP
cvss2_researcher_acLLLL
cvss2_researcher_rcCCCC
cvss2_researcher_avNNNN
cvss2_researcher_rlWWWW
cvss2_researcher_auNNNN
cvss3_researcher_sCCCC
cvss2_researcher_ePOCPOCPOCPOC
cvss3_researcher_cHHHH
cvss2_researcher_basescore10.010.010.0
cvss3_researcher_basescore10.010.010.0
cve_nvd_summaryA vulnerability was found in code-projects Farmacia up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file pagamento.php. The manipulation of the argument notaFiscal leads to sql injection. The attack can be launched remotely.A vulnerability was found in code-projects Farmacia up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file pagamento.php. The manipulation of the argument notaFiscal leads to sql injection. The attack can be launched remotely.
cvss4_cna_avNN
cvss4_cna_acLL
cvss4_cna_atNN
cvss4_cna_prLL
cvss4_cna_uiNN
cvss4_cna_vcLL
cvss4_cna_viLL
cvss4_cna_vaLL
cvss4_cna_scNN
cvss4_cna_siNN
cvss4_cna_saNN
cvss4_cna_bscore5.35.3
cvss3_cna_avNN
cvss3_cna_acLL
cvss3_cna_prLL
cvss3_cna_uiNN
cvss3_cna_sUU
cvss3_cna_cLL
cvss3_cna_iLL
cvss3_cna_aLL
cvss3_cna_basescore6.36.3
cvss2_cna_avNN
cvss2_cna_acLL
cvss2_cna_auSS
cvss2_cna_ciPP
cvss2_cna_iiPP
cvss2_cna_aiPP
cvss2_cna_basescore6.56.5
cve_nvd_summaryesSe ha encontrado una vulnerabilidad en code-projects Farmacia hasta la versión 1.0. Se ha declarado como crítica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo pagamento.php. La manipulación del argumento notaFiscal conduce a una inyección SQL. El ataque puede ejecutarse de forma remota.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iN
cvss3_nvd_aN
cvss3_nvd_basescore7.5

ପଛକୁସମୀକ୍ଷାଆହୁରି ଦୂରରେ

Might our Artificial Intelligence support you?

Check our Alexa App!