← back
CVE-2015-2843

CVE-2015-2843

50Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 38%
from disclosure to weapon0 days
Published on NVDMay 12
1st PoCApr 21
metasploitApr 21
exploitation probability
38%top 2% of all CVEs
observed exploitation
nono source reports it
5 public exploit(s)
Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before 3.3-1421902800 allow remote attackers to execute arbitrary SQL commands via the (1) user_name or (2) user_pass parameter in go_login.php or the PATH_INFO to (3) go_login/validate_credentials/admin/ or (4) index.php/go_site/go_get_user_info/.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.