Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) isCorrectPassword or (2) userExist function in class.auth.php, getCustomFieldReport function in (4) custom_fields.php, (5) custom_fields_graph.php, or (6) class.report.php, or the insert function in (7) releases.php or (8) class.release.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MySQL Eventum多个SQL注入漏洞
Vulnerability Description
MySQL Eventum 1.5.5及更早版本存在多个SQL注入漏洞,远程攻击者可以通过在class.auth.php内的(1)isCorrectPassword或者(2)userExist函数,在(4)custom_fields.php,(5)custom_fields_graph.php或(6)class.report.php中的getCustomFieldReport 函数,或者(7)releases.php或(8)class.release.php中insert函数,执行任意SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A