Lucene search
MitreCVELIST:CVE-2020-26546HistoryOct 12, 2020 - 6:59 p.m.
CVE-2020-26546
2020-10-1218:59:36
mitre
www.cve.org
4
cve-2020-26546
helpdeskz
auto-login
sql injection
rememberme
vulnerability
unsupported products
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
47.2%
An issue was discovered in HelpDeskZ 1.0.2. The feature to auto-login a user, via the RememberMe functionality, is prone to SQL injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Related
cve
cve
CVE-2020-26546
2020-10-12 19:15:12
nvd
nvd
CVE-2020-26546
2020-10-12 19:15:12
prion
prion
Sql injection
2020-10-12 19:15:00
vulnrichment
vulnrichment
CVE-2020-26546
2020-10-12 18:59:36
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
47.2%
Related for CVELIST:CVE-2020-26546