CVE-2018-25167
Net-Billetterie 2.9 SQL Injection via login.inc.php
Net-Billetterie 2.9 contains an SQL injection vulnerability in the login parameter of login.inc.php that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can submit malicious SQL code through the login POST parameter to extract database information including usernames, passwords, and system credentials.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
Productos afectados
Net-Billetterie · Billetterie¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →