## WordPress plugin perfect survey admin-ajax.php question_id SQL Injection Vulnerability (CVE-2021-24762)
| **Vulnerability** | **WordPress plugin perfect survey admin-ajax.php question_id SQL Injection Vulnerability (CVE-2021-24762)** |
| :----: | :-----|
| **Chinese name** | WordPress perfect survey 插件 admin-ajax.php 文件 question_id 参数 SQL注入漏洞CVE-2021-24762 |
| **CVSS score** | 9.8 |
| **FOFA Query** (click to view the results directly)| [body="/wp-content/plugins/perfect-survey"](https://en.fofa.info/result?qbase64=Ym9keT0iL3dwLWNvbnRlbnQvcGx1Z2lucy9wZXJmZWN0LXN1cnZleSI%3D) |
| **Number of assets affected** | 628 |
| **Description** | WordPress plugin perfect survey is a plugin for surveying user feedback. Versions of WordPress plugin perfect survey before 1.5.2 have a SQL injection vulnerability. The vulnerability stems from the lack of validation of externally input SQL statements in database-based applications. Attackers can exploit this vulnerability to execute illegal SQL commands and obtain sensitive information such as user passwords. |
| **Impact** | Versions of WordPress plugin perfect survey before 1.5.2 have a SQL injection vulnerability. The vulnerability stems from the lack of validation of externally input SQL statements in database-based applications. Attackers can exploit this vulnerability to execute illegal SQL commands and obtain sensitive information such as user passwords. |
![](https://s3.bmp.ovh/imgs/2023/07/13/7a534dcb3646e5c6.gif)
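
To check whether a given WordPress install carries an affected version (before 1.5.2), the following added example, which is not part of the original advisory or the plugin's own code, reads the version from the standard WordPress plugin header or the `readme.txt` "Stable tag" under `wp-content/plugins/perfect-survey`. The function names, the sample tree and its PHP file name are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

PLUGIN_SLUG = "perfect-survey"   # plugin directory, from the page's FOFA query
FIXED_VERSION = (1, 5, 2)        # page: versions before 1.5.2 are affected
HEADER_RE = re.compile(r"^[ \t/*#@]*Version:\s*(\d+(?:\.\d+)*)", re.M | re.I)
STABLE_RE = re.compile(r"^Stable tag:\s*(\d+(?:\.\d+)*)", re.M | re.I)

def _to_tuple(version):
    parts = [int(p) for p in version.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))  # "1.5" -> (1, 5, 0)

def installed_version(wp_root):
    """Return the version tuple, () if present but unreadable, None if absent."""
    plugin_dir = Path(wp_root) / "wp-content" / "plugins" / PLUGIN_SLUG
    if not plugin_dir.is_dir():
        return None
    # WordPress takes the version from the header comment of a top-level PHP file.
    for php in sorted(plugin_dir.glob("*.php")):
        head = php.read_text(errors="replace")[:8192]
        match = HEADER_RE.search(head) if "Plugin Name:" in head else None
        if match:
            return _to_tuple(match.group(1))
    # Fall back to readme.txt; a value such as "trunk" stays unknown.
    readme = plugin_dir / "readme.txt"
    if readme.is_file():
        match = STABLE_RE.search(readme.read_text(errors="replace"))
        if match:
            return _to_tuple(match.group(1))
    return ()

def audit(wp_root):
    version = installed_version(wp_root)
    if version is None:
        return "not-installed"
    if not version:
        return "unknown-version"
    return "vulnerable" if version < FIXED_VERSION else "patched"

def build_sample_tree(root, version):  # constructed sample install for the demo
    plugin_dir = Path(root) / "wp-content" / "plugins" / PLUGIN_SLUG
    plugin_dir.mkdir(parents=True)
    header = f"<?php\n/*\n * Plugin Name: Perfect Survey\n * Version: {version}\n */\n"
    (plugin_dir / "plugin-main.php").write_text(header)  # placeholder file name
    return root

if __name__ == "__main__":
    for sample in ("1.5.1", "1.5.2"):
        with tempfile.TemporaryDirectory() as tmp:
            print(sample, audit(build_sample_tree(tmp, sample)))
```

An `unknown-version` result means the plugin directory exists but no version could be read, so that install should be checked by hand.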