The vulnerability of the ExploreIT website content management system, related to the lack of measures to protect the SQL query structure, allows attackers to perform cross-site scripting attacks.

🗓️ 21 Feb 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 7 Views

ExploreIT content management vulnerability due to unprotected query structure enabling remote cross-site scripting.

Reporter	Title	Published	Views	Family All 14
0day.today	Explore CMS 1.0 - SQL Injection Vulnerability	12 May 202200:00	–	zdt
ATTACKERKB	CVE-2022-27412	9 May 202218:15	–	attackerkb
Circl	CVE-2022-27412	9 May 202222:33	–	circl
CNNVD	Explore IT Explore CMS SQL注入漏洞	9 May 202200:00	–	cnnvd
Check Point Advisories	SQL Injection Scanning Attempt (CVE-2022-27412)	6 Jan 201600:00	–	checkpoint_advisories
CVE	CVE-2022-27412	9 May 202217:31	–	cve
Cvelist	CVE-2022-27412	9 May 202217:31	–	cvelist
Exploit DB	Explore CMS 1.0 - SQL Injection	11 May 202200:00	–	exploitdb
EUVD	EUVD-2022-31915	3 Oct 202520:07	–	euvd
NVD	CVE-2022-27412	9 May 202218:15	–	nvd

Vulners

Node

exploreit explore_cmsMatch1.0

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/166694/Explore-CMS-1.0-SQL-Injection.html
exploreit	www.exploreit.com.bd/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-27412
web	www.web.nvd.nist.gov/view/vuln/detail

13 Sep 2024 00:00Current

7.6High risk

Vulners AI Score7.6

CVSS 39.8

CVSS 210

EPSS0.03749

ExploreIT content management unprotected query structure cross site scripting