CVE-2016-8902 in dotCMS정보

요약

\~에 의해 MITRE

SQL injection vulnerability in the categoriesServlet servlet in dotCMS before 3.3.1 allows remote not authenticated attackers to execute arbitrary SQL commands via the sort parameter.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

예약하다

2016. 10. 24.

공개

2016. 11. 14.

모더레이션

수락

항목

VDB-93220

CPE

준비됨

CWE

CWE-89 (확인됨)

CVSS

9.8 (NVD)

EPSS

0.01437

KEV

아니요

활동

매우 낮음

부문

Agriculture, Lawfirm, ...

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-8902
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-8902
CVE Details	https://www.cvedetails.com/cve/CVE-2016-8902/

◂ 이전 개요 다음 ▸

Interested in the pricing of exploits?

See the underground prices here!