KB Login Authentication Script 1.1 username/password sql injektion

En kritisksvag punkt hittades i KB Login Authentication Script 1.1. Som påverkar en okänd funktion. Manipulering av argumenten username/password med ingången 'or''=' en okänd ingång leder till en sårbarhet klass sql injektion svag punkt. Den rådgivande finns tillgänglig för nedladdning på exploit-db.com. Denna svaga punkt behandlas som CVE-2017-20127. Attacken på nätet kan. Det finns tekniska detaljer känd. Han deklarerade proof-of-concept. Den exploit kan laddas ner från exploit-db.com. En möjlig åtgärd har utfärdats före och inte bara efter offentliggörandet.

Tidslinje

Användare

139

Fält

source_cve_nvd_summary2
source_cve_assigned1
cna_responsible1
source_cve1
vulnerability_cwe1

Commit Conf

100%39
90%7
70%3
98%2

Approve Conf

100%39
90%7
70%3
98%2
IDEngageradAnvändareFältFörändraAnmärkningarAccepteradStatusC
1325068011/11/2022VulD...cve_nvd_summaryA vulnerability was found in KB Login Authentication Script 1.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.cvedetails.com11/11/2022accepterad
70
1325067911/11/2022VulD...cve_nvd_summaryA vulnerability was found in KB Login Authentication Script 1.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.cve.mitre.org11/11/2022accepterad
70
1325067811/11/2022VulD...cve_assigned1656367200 (28/06/2022)cve.mitre.org11/11/2022accepterad
70
1266046028/06/2022VulD...responsibleVulDB28/06/2022accepterad
100
1266045928/06/2022VulD...cveCVE-2017-20127cve.org28/06/2022accepterad
100
637200911/08/2020VulD...cwe89 (sql injektion)11/08/2020accepterad
90
637200811/08/2020VulD...exploitdb_date1485388800 (26/01/2017)exploit-db.com11/08/2020accepterad
100
637201508/02/2017VulD...cvss3_vuldb_rcRsee CVSS documentation08/02/2017accepterad
90
637201408/02/2017VulD...cvss3_vuldb_rlXsee CVSS documentation08/02/2017accepterad
90
637201308/02/2017VulD...cvss3_vuldb_ePsee CVSS documentation08/02/2017accepterad
90
637201208/02/2017VulD...cvss2_vuldb_rcURsee CVSS documentation08/02/2017accepterad
90
637201108/02/2017VulD...cvss2_vuldb_rlNDsee CVSS documentation08/02/2017accepterad
90
637201008/02/2017VulD...cvss2_vuldb_ePOCsee CVSS documentation08/02/2017accepterad
90
637200708/02/2017VulD...exploitdb41167exploit-db.com08/02/2017accepterad
100
637200608/02/2017VulD...price_0day$0-$5ksee exploit price documentation08/02/2017accepterad
100
637200508/02/2017VulD...developer_nameIhsan Sencan08/02/2017accepterad
100
637200408/02/2017VulD...urlhttps://www.exploit-db.com/exploits/41167/exploit-db.com08/02/2017accepterad
100
637200308/02/2017VulD...publicity108/02/2017accepterad
98
637200208/02/2017VulD...date1485388800 (26/01/2017)08/02/2017accepterad
100
637200108/02/2017VulD...availability108/02/2017accepterad
100

31 fler poster visas inte

🔒 Login Required

You need to signup and login to see more of the remaining 31 results.

TidigareÖversiktNästa

Do you need the next level of professionalism?

Upgrade your account now!