AttackerKB AKB:804F8011-69F8-4B6C-8469-51E64A2BF43D
Feb 18, 2020 - 12:00 a.m.

CVE-2020-9268

EPSS: 0.002 (percentile: 60.9%)

SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nom_createur&by= substring.

Recent assessments:

J3rryBl4nks at March 09, 2020 9:11pm UTC reported:

This SQL Injection is trivial to identify and exploit:

<https://github.com/J3rryBl4nks/SOPlanning>

This injection will allow you to dump the contents of the database and can be done with low privilege access.

This application does not have a large install base and so it is not incredibly valuable.

Assessed Attacker Value: 2
Assessed Attacker Value: 5
