GSA_kwCzR0hTQS02ZnZ3LXg2Z3ctNHd2OM4AAqQt

Critical EPSS: 0.04892% (0.88586 Percentile) EPSS:

Permalink JSON

Froxlor SQL injection vulnerability

Affected Packages	Affected Versions	Fixed Versions
packagist:froxlor/froxlor	<= 0.10.29.1	0.10.30
0 Dependent packages 0 Dependent repositories 22 Downloads total Affected Version Ranges All affected versions 0.10.0, 0.10.1, 0.10.2-3.1, 0.10.2-9.1 All unaffected versions 0.10.2, 0.10.3, 0.10.4, 0.10.5, 0.10.6, 0.10.7, 0.10.8, 0.10.9, 0.10.10, 0.10.11, 0.10.12, 0.10.13, 0.10.14, 0.10.15, 0.10.16, 0.10.17, 0.10.18, 0.10.19, 0.10.20, 0.10.21, 0.10.22, 0.10.23, 0.10.24, 0.10.25, 0.10.26, 0.10.27, 0.10.28, 0.10.29, 0.10.30, 0.10.31, 0.10.32, 0.10.33, 0.10.34, 0.10.35, 0.10.36, 0.10.37, 0.10.38, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16, 2.0.17, 2.0.18, 2.0.19, 2.0.20, 2.0.21, 2.0.22, 2.0.23, 2.0.24, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 2.1.7, 2.1.8, 2.1.9, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.7, 2.2.8

Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name.

References:

Identifiers

GHSA-6fvw-x6gw-4wv8

CVE-2021-42325

Risk

Severity

Critical

EPSS

EPSS Percentage: 0.04892

EPSS Percentile: 0.88586

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/Froxlor/Froxlor

Date and time

Published

about 3 years ago

Updated

over 1 year ago

API

JSON

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories