Lucene search

K

MitreCVELIST:CVE-2020-26677

HistoryMay 26, 2021 - 11:58 a.m.

CVE-2020-26677

2021-05-2611:58:21

mitre

www.cve.org

4

vfairs api

sql injection

security vulnerability

AI Score

9

Confidence

High

EPSS

0.002

Percentile

57.5%

Any user logged in to a vFairs 3.3 virtual conference or event can perform SQL injection with a malicious query to the API.

References

vfairs.com

api.vfairs.com/v1/users/

www.huntress.com/blog/zero-day-vulnerabilities-in-popular-event-management-platforms-could-leave-msps-open-to-attack

AI Score

9

Confidence

High

EPSS

0.002

Percentile

57.5%

Related for CVELIST:CVE-2020-26677

cve1 prion1 nvd1