Количество 2
Количество 2
CVE-2020-20295
An issue was found in CMSWing project version 1.3.8. Because the updateAction function does not check the detail parameter, malicious parameters can execute arbitrary SQL commands.
GHSA-3gc8-mch5-55gq
An issue was found in CMSWing project version 1.3.8. Because the updateAction function does not check the detail parameter, malicious parameters can execute arbitrary SQL commands.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-20295 An issue was found in CMSWing project version 1.3.8. Because the updateAction function does not check the detail parameter, malicious parameters can execute arbitrary SQL commands. | CVSS3: 9.8 | 1% Низкий | почти 5 лет назад |
| GHSA-3gc8-mch5-55gq An issue was found in CMSWing project version 1.3.8. Because the updateAction function does not check the detail parameter, malicious parameters can execute arbitrary SQL commands. | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу