Sql injection

2020-12-3108:15:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.7%

JSON

HGiga MailSherlock contains a SQL injection flaw. Attackers can inject and launch SQL commands in a URL parameter of specific cgi pages.

CPENameOperatorVersion
msr45_isherlock-antispameq< 4.5-133
msr45_isherlock-usereq< 4.5-120
ssr45_isherlock-antispameq< 4.5-133
ssr45_isherlock-usereq< 4.5-120

Name	Operator	Version
msr45_isherlock-antispam	eq	< 4.5-133
msr45_isherlock-user	eq	< 4.5-120
ssr45_isherlock-antispam	eq	< 4.5-133
ssr45_isherlock-user	eq	< 4.5-120

References

www.twcert.org.tw/tw/cp-132-4262-03785-1.html