CVE-2020-36648

Опубликовано: 08 янв. 2023

Источник: nvd

CVSS3: 5.5

CVSS3: 9.8

CVSS2: 5.2

EPSS Низкий

Описание

A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability.

Ссылки

https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf
Patch
https://vuldb.com/?ctiid.217641
Third Party Advisory
https://vuldb.com/?id.217641
Third Party Advisory
https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf
Patch
https://vuldb.com/?ctiid.217641
Third Party Advisory
https://vuldb.com/?id.217641
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pouet:pouet2.0:*:*:*:*:*:*:*:*

Версия до 06-22-2020 (исключая)

EPSS

Процентиль: 57%

0.00351

Низкий

5.5 Medium

CVSS3

9.8 Critical

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-xhmj-4cpg-8x53

CVSS3: 9.8

github

около 3 лет назад

A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The name of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability.

EPSS

Процентиль: 57%

0.00351

Низкий

5.5 Medium

CVSS3

9.8 Critical

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-89