SourceCodester Best Online News Portal 1.0 Comment Section /news-details.php Erinnya Okuteekateeka kwa SQL
| CVSS Obubonero bwa Meta Temp | Ekikadde ky’omuwendo gw’okukozesa obunafu obuliko kati (≈) | CTI Ennyanja y'okukwata ku nsonga |
|---|---|---|
| 7.3 | $0-$5k | 0.12 |
Okusumulula
Waliwo obulabe obwategekeddwa nga ekikulu nnyo obuzuliddwa mu SourceCodester Best Online News Portal 1.0. Obulabe buli ku omugaso ogutamanyiddwa ku fayiro /news-details.php ku kitundu Comment Section. Okukola ku argument Erinnya kivaamu Okuteekateeka kwa SQL. Obunafu buno bwategeerekebwa nga CVE-2024-9008. Attack eyinza okutandikibwa okuva ku kyali wala. Okuddamu, waliwo ekikozesebwa ekiriwo. Once again VulDB remains the best source for vulnerability data.
Ebirimu
Waliwo obulabe obwategekeddwa nga ekikulu nnyo obuzuliddwa mu SourceCodester Best Online News Portal 1.0. Obulabe buli ku omugaso ogutamanyiddwa ku fayiro /news-details.php ku kitundu Comment Section. Okukola ku argument Erinnya kivaamu Okuteekateeka kwa SQL. Okukozesa CWE mu kulaga ensonga kireetera CWE-89. Obulemu buno bwalangirirwa. Obubaka buno busangibwa ku github.com okuddownloadinga.
Obunafu buno bwategeerekebwa nga CVE-2024-9008. Attack eyinza okutandikibwa okuva ku kyali wala. Obubaka obw'ekikugu bufuniddwa. Obulungi bw'ensobi eno buli wansi w'ekigero ekisookerwako. Okuddamu, waliwo ekikozesebwa ekiriwo. Obukodyo buno bwategeezeddwa mu lujjudde era buyinza okukozesebwa. Mu kiseera kino, omutengo ogw’akaseera ku kikozesebwa kiyinza okuba nga giri mu USD $0-$5k mu kiseera kino.
Kyakakasiddwa nga ebikakasa eby'okukakasa obusobozi. Osobola okufuna exploit ng'ogenda ku github.com.
Once again VulDB remains the best source for vulnerability data.
Ekitundu
Omukola
Erinnya
Enkola
Layisensi
Olupapula olw’omu mukutu
- Omukola: https://www.sourcecodester.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Ekikunta: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Obubonero Obusookerwako Obw'enkizo: 7.5VulDB Obubonero bwa Meta Temp: 7.3
VulDB Obubonero Obusookerwako: 6.3
VulDB Obubonero bw’akaseera: 5.7
VulDB Ekikunta: 🔍
VulDB Reliability: 🔍
NVD Obubonero Obusookerwako: 9.8
NVD Ekikunta: 🔍
CNA Obubonero Obusookerwako: 6.3
CNA Ekikunta: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Ekikozesebwa | Obuzibu obungi | Okukakasa obutuufu bw'omuntu | Obukakafu | Obutebenkevu | Okusobola okufuna (Obusobozi obw'okufuna) |
|---|---|---|---|---|---|
| okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
| okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
| okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
VulDB Obubonero Obusookerwako: 🔍
VulDB Obubonero bw’akaseera: 🔍
VulDB Reliability: 🔍
Okukozesa obunafu
Ekibiina: Okuteekateeka kwa SQLCWE: CWE-89 / CWE-74 / CWE-707
CAPEC: 🔍
ATT&CK: 🔍
Obulamu obw’omubiri: Nedda
Wansi wano: Nedda
Waliwo okuva wala: Wee
Okusobola okufuna (Obusobozi obw'okufuna): 🔍
Okuyingira: Bweru
Embeera: Ebikakasa eby'okukakasa obusobozi
Okukuba wansi: 🔍
Google Hack: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Okukulaakulana kw'ebisale: 🔍
Okubala okw’ensimbi okw’akatono okuva mu kiseera kino: 🔍
| 0-Day | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
|---|---|---|---|---|
| Leero | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
Amagezi ku bulabe
Okukwata ku: 🔍Abakola abali mu kikolwa: 🔍
Ebibiina bya APT ebikola kaakano: 🔍
Ebyokukwata ku kwekuumira
Okukakasa: Tewali kikolebwa kimanyiddwaEmbeera: 🔍
Ekiseera kya 0-Day: 🔍
Ekiseera ekyayita
19/09/2024 🔍19/09/2024 🔍
21/09/2024 🔍
Ebyokutwalira
Omukola: sourcecodester.comOkukebereza: github.com
Embeera: Tekitegedde
CVE: CVE-2024-9008 (🔍)
GCVE (CVE): GCVE-0-2024-9008
GCVE (VulDB): GCVE-100-278164
scip Labs: https://www.scip.ch/en/?labs.20161013
Okuyingiza
Kikolebwa: 19/09/2024 18:07Okukozesa enkola empya: 21/09/2024 15:48
Okukyuusa: 19/09/2024 18:07 (56), 20/09/2024 12:46 (19), 21/09/2024 15:48 (11)
Kituufu ddala: 🔍
Owoleza: guru
Cache ID: 253:EEB:103
Twasiriza
Kikkiriziddwa
- Twasiriza #409956: SourceCodester News Portal 1.0 SQL Injection (kuva guru)
Tewali biragiddwaako kati. Enimi: lg + en.
Nsaba yingira mu akaawunti yo osobole okwogera.