Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2021/11/19 8:42 p.m.4 views

@likenttt/waline-with-feishu (>=1.24.1 <=1.24.2), @waline/vercel (>=1.18.6 <=1.28.2) +11 more potentially affected by CVE-2020-21176 via thinkjs (>=0.1.29 <=3.2.14)

thinkjs NPM version =0.1.29, =1.24.1, =1.18.6, =0.0.2, =0.1.0, =2.1.8, =1.0.5, =1.0.0, =1.0.0, =1.0.1, =1.0.0, =0.0.0, =1.0.4 Source cves: CVE-2020-21176 Source advisory: OSV:GHSA-Q5MQ-6FJG-4MW8...

9.8CVSS7.2AI score0.01489EPSS
Exploits1
Circl
Circl
added 2021/02/01 9:25 p.m.10 views

CVE-2020-21176

creationtimestamp| type| source ---|---|--- 2021-02-01 21:25:15+00:00| seen| https://t.me/cibsecurity/22916...

9.8CVSS8.7AI score0.01489EPSS
Exploits1References1
OSV
OSV
added 2021/02/01 6:15 p.m.10 views

CVE-2020-21176

SQL injection vulnerability in the model.increment and model.decrement function in ThinkJS 3.2.10 allows remote attackers to execute arbitrary SQL commands via the step parameter...

9.8CVSS8.7AI score
Exploits0References2
CVE
CVE
added 2021/02/01 5:37 p.m.54 views

CVE-2020-21176

CVE-2020-21176 describes an SQL injection in ThinkJS 3.2.10. The affected components are the functions model.increment and model.decrement, where user-supplied input via the step parameter can be used to craft and execute arbitrary SQL commands on the backend. The vulnerability enables unauthenti...

9.8CVSS9.9AI score0.01489EPSS
Exploits1References2Affected Software1
Check Point Advisories
Check Point Advisories
added 2021/01/03 12:0 a.m.24 views

Arbitrary Code Injection Over HTTP Traffic (CVE-2020-21176; CVE-2020-25042; CVE-2020-26248; CVE-2020-26712; CVE-2020-28994; CVE-2020-29284; CVE-2020-6308; CVE-2021-25912)

Arbitrary Code Injections Over HTTP Traffic...

10CVSS1AI score0.61736EPSS
Exploits15
Rows per page
Query Builder