Lucene search
VulDBCVELIST:CVE-2020-36537HistoryJun 03, 2022 - 7:10 p.m.
CVE-2020-36537 Everywhere CMS sql injection
2022-06-0319:10:50
CWE-89
VulDB
www.cve.org
1
everywhere cms
sql injection
remote attack
critical vulnerability
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
AI Score
9
Confidence
High
EPSS
0.001
Percentile
35.5%
A vulnerability was found in Everywhere CMS. It has been classified as critical. Affected is an unknown function. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely.
CNA Affected
[
{
"product": "CMS",
"vendor": "Everywhere",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
]References
Related
prion
prion
Sql injection
2022-06-07 18:15:00
nvd
nvd
CVE-2020-36537
2022-06-07 18:15:11
cve
cve
CVE-2020-36537
2022-06-07 18:15:11
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
AI Score
9
Confidence
High
EPSS
0.001
Percentile
35.5%
Related for CVELIST:CVE-2020-36537