PT-2022-11478 · Unknown · Dynamicmarkt

Published

2022-06-10

Updated

2022-06-17

CVE-2021-41755

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions dynamicMarkt versions prior to 3.10

Description The issue is related to SQL injection in the kat1 parameter of the "index.php" endpoint.

Recommendations For versions prior to 3.10, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2021-41755

Affected Products

Dynamicmarkt

PT-2022-11478 · Unknown · Dynamicmarkt

CVE-2021-41755

Weakness Enumeration

Related Identifiers

Affected Products

References · 4