Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-3286

Опубликовано: 26 янв. 2021
Источник: debian

Описание

SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands protection mechanism is inadequate, e.g., a variation of the payload may be used. NOTE: this issue exists because of an incomplete fix for CVE-2020-35545.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
spotwebnot-affectedpackage

Примечания

  • https://github.com/spotweb/spotweb/issues/653

Связанные уязвимости

ubuntu логотип

CVE-2021-3286

CVSS3: 9.8
ubuntu
около 5 лет назад

SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands protection mechanism is inadequate, e.g., a variation of the payload may be used. NOTE: this issue exists because of an incomplete fix for CVE-2020-35545.

nvd логотип

CVE-2021-3286

CVSS3: 9.8
nvd
около 5 лет назад

SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands protection mechanism is inadequate, e.g., a variation of the payload may be used. NOTE: this issue exists because of an incomplete fix for CVE-2020-35545.

github логотип

GHSA-jpm4-m232-8rrq

github
больше 3 лет назад

SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands protection mechanism is inadequate, e.g., a variation of the payload may be used. NOTE: this issue exists because of an incomplete fix for CVE-2020-35545.