Description


A vulnerability, which was classified as critical, was found in MonikaBrzica scm. This affects an unknown part of the file uredi_korisnika.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-213699.

Related CPE's


References


https://github.com/MonikaBrzica/scm/issues/1

ExploitIssue TrackingThird Party Advisory

https://vuldb.com/?id.213699

Permissions RequiredThird Party Advisory

Weaknesses



CWE-707

CVSS impact metrics


CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 · Critical

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-11-15T17:15:11.177

2 years ago

Last modified

2023-11-07T03:52:05.647

1 year ago