PT-2019-13429 · Icegram · Icegram Email Subscribers & Newsletters

Publicado

2019-07-19

·

Atualizado

2019-07-31

·

CVE-2019-13569

CVSS v3.1

10

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Icegram Email Subscribers & Newsletters plugin versions prior to 4.1.8
Description A SQL injection issue exists, allowing a remote attacker to execute arbitrary SQL commands on the affected system.
Recommendations For Icegram Email Subscribers & Newsletters plugin versions prior to 4.1.8, update to version 4.1.8 or later to resolve the issue.

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2019-13569

Produtos afetados

Icegram Email Subscribers & Newsletters