Vulnerability Details CVE-2019-13978
Ovidentia 8.4.3 has SQL Injection via the id parameter in an index.php?tg=delegat&idx=mem request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.0%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- http://packetstormsecurity.com/files/153738/Ovidentia-8.4.3-SQL-Injection.html
- https://github.com/Kitsun3Sec/exploits/blob/master/cms/ovidentia/exploitSQLIOvidentia.txt
- http://packetstormsecurity.com/files/153738/Ovidentia-8.4.3-SQL-Injection.html
- https://github.com/Kitsun3Sec/exploits/blob/master/cms/ovidentia/exploitSQLIOvidentia.txt