Lucene search
TalosCVELIST:CVE-2020-13567HistoryApr 18, 2022 - 4:15 p.m.
CVE-2020-13567
2022-04-1816:15:22
CWE-89
talos
www.cve.org
3
cve-2020-13567
sql injection
phpgacl
http request
vulnerability
attacker
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
65.0%
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
CNA Affected
[
{
"product": "OpenEMR",
"vendor": "OpenEMR",
"versions": [
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce)"
}
]
},
{
"product": "phpGACL",
"vendor": "phpGACL",
"versions": [
{
"status": "affected",
"version": "3.3.7"
}
]
}
]Related
nvd
nvd
CVE-2020-13567
2022-04-18 17:15:12
osv
osv
CVE-2020-13567
2022-04-18 17:15:12
prion
prion
Sql injection
2022-04-18 17:15:00
cve
cve
CVE-2020-13567
2022-04-18 17:15:12
talos
talos
phpGACL database multiple SQL injection vulnerabilities
2021-01-27 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
65.0%
Related for CVELIST:CVE-2020-13567