2 matches found
CVE-2020-21179
Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers to Injecting a malicious SQL statement via the name parameter to the signin page...
CVE-2020-21179
Affected software: koa2-blog 1.0.0 . Vulnerability: SQL injection via the name parameter on the signin page. Root cause details are not provided in the documents. Impact: CVSSv3.1 base score 9.8 (CRITICAL) and CVSS2 base 7.5 (HIGH). Exploitation details and patches are not provided; no workaround...