PT-2023-10210 · Unknown · Purpleparrots 491-Project

Purpleparrots

Publicado

2023-01-08

Atualizado

2024-05-17

CVE-2015-10031

CVSS v2.0

5.2

Média

Vetor

AV:A/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions purpleparrots 491-Project (affected versions not specified)

Description A critical issue was found in the Highscore Handler component of the file update.php, leading to sql injection. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. The manipulation of unknown code in the update.php file leads to this issue.

Recommendations To fix this issue, it is recommended to apply a patch. The name of the patch is a812a5e4cf72f2a635a716086fe1ee2b8fa0b1ab. As a temporary workaround, consider restricting access to the update.php file until a patch is applied.

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2015-10031

Produtos afetados

Purpleparrots 491-Project

PT-2023-10210 · Unknown · Purpleparrots 491-Project

CVE-2015-10031

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6