Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:18 p.m.6 views

CVE-2020-13968

CRK Business Platform = 2019.1 allows can inject SQL statements against the DB on any path using the 'strSessao' parameter...

9.8CVSS7.7AI score0.0134EPSS
Exploits1
Circl
Circl
added 2020/12/23 9:13 p.m.5 views

CVE-2020-13968

creationtimestamp| type| source ---|---|--- 2020-12-23 21:13:11+00:00| seen| https://t.me/cibsecurity/21250...

9.8CVSS8.7AI score0.0134EPSS
Exploits1References1
CVE
CVE
added 2020/12/23 5:19 p.m.50 views

CVE-2020-13968

CRK Business Platform <= 2019.1 is vulnerable to SQL injection via the strSessao parameter on any path, allowing the attacker to inject statements against the database. The root cause is unauthenticated input in the strSessao parameter that is not properly sanitized before being used in SQL st...

9.8CVSS9.6AI score0.0134EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/12/23 5:19 p.m.22 views

CVE-2020-13968

CRK Business Platform = 2019.1 allows can inject SQL statements against the DB on any path using the 'strSessao' parameter...

9.8AI score0.0134EPSS
Exploits1References2
Openbugbounty
Openbugbounty
added 2020/10/10 3:3 p.m.7 views

cc-craft.ie Improper Access Control vulnerability OBB-1395895

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

0.2AI score
Exploits0
Rows per page
Query Builder