5 matches found
CVE-2020-36136
creationtimestamp| type| source ---|---|--- 2023-08-11 18:16:51+00:00| seen| https://t.me/cibsecurity/68348...
CVE-2020-36136
SQL Injection vulnerability in cskaza cszcms version 1.2.9, allows attackers to gain sensitive information via pmsendmail parameter in cszmodel.php...
CVE-2020-36136
SQL Injection vulnerability in cskaza cszcms version 1.2.9, allows attackers to gain sensitive information via pmsendmail parameter in cszmodel.php...
CVE-2020-36136
SQL Injection vulnerability in cskaza cszcms version 1.2.9, allows attackers to gain sensitive information via pmsendmail parameter in cszmodel.php...
CVE-2020-36136
CVE-2020-36136 affects the CSZCMS package from the vendor path cskaza, specifically version 1.2.9. The root cause is a lack of validation of externally supplied SQL statements in the pm_sendmail parameter within csz_model.php, enabling an attacker to perform SQL Injection and potentially access s...