A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf | Patch |
https://vuldb.com/?ctiid.217641 | Third Party Advisory |
https://vuldb.com/?id.217641 | Third Party Advisory |
https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf | Patch |
https://vuldb.com/?ctiid.217641 | Third Party Advisory |
https://vuldb.com/?id.217641 | Third Party Advisory |
Configurations
History
21 Nov 2024, 05:30
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.2
v3 : 5.5 |
References | () https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf - Patch | |
References | () https://vuldb.com/?ctiid.217641 - Third Party Advisory | |
References | () https://vuldb.com/?id.217641 - Third Party Advisory |
11 Apr 2024, 01:08
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
29 Feb 2024, 01:28
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-08 10:15
Updated : 2024-11-21 05:30
NVD link : CVE-2020-36648
Mitre link : CVE-2020-36648
CVE.ORG link : CVE-2020-36648
JSON object : View
Products Affected
pouet
- pouet2.0
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')