CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2021/04/13 3:15 p.m.•14 views

CVE-2020-13566

SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability In admin/editgroup.php, when the POST parameter action is “Delete”, the POST parameter deletegroup leads to a SQL...

8.8CVSS0.00063EPSS

OSV•added 2021/04/13 3:15 p.m.•11 views

CVE-2020-13566

8.8CVSS8.1AI score

Exploits0References1

NVD•added 2021/04/13 3:15 p.m.•7 views

CVE-2020-13568

SQL injection vulnerability exists in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability in admin/editgroup.php, when the POST parameter action is “Submit”, the POST parameter parentid leads to a SQL...

8.8CVSS0.00241EPSS

OSV•added 2021/04/13 3:15 p.m.•9 views

CVE-2020-13568

8.8CVSS7.9AI score

Exploits0References1

Prion•added 2021/04/13 3:15 p.m.•15 views

Sql injection

6.5CVSS9.1AI score0.00063EPSS

OSV•added 2021/04/13 3:15 p.m.•2 views

UBUNTU-CVE-2020-13568

8.8CVSS7.3AI score0.00241EPSS

Exploits1References3

UbuntuCve•added 2021/04/13 3:15 p.m.•15 views

CVE-2020-13568

8.8CVSS7.2AI score0.00241EPSS

Prion•added 2021/04/13 3:15 p.m.•16 views

Sql injection

6.5CVSS8.9AI score0.00241EPSS

UbuntuCve•added 2021/04/13 3:15 p.m.•16 views

CVE-2020-13566

8.8CVSS7.2AI score0.00063EPSS

OSV•added 2021/04/13 3:15 p.m.•1 views

UBUNTU-CVE-2020-13566

8.8CVSS7.3AI score0.00063EPSS

Exploits1References3

Cvelist•added 2021/04/13 3:0 p.m.•13 views

CVE-2020-13568

8.8CVSS9AI score0.00241EPSS

CVE•added 2021/04/13 3:0 p.m.•45 views

CVE-2020-13568

CVE-2020-13568 affects phpGACL 3.3.7. A SQL injection exists in admin/edit_group.php triggered by a crafted HTTP request where action is “Submit” and the POST parameter parent_id leads to injection. Multiple connected sources (e.g., PT-2021-9641, OSV/NVD/NASL lines) reiterate the same vulnerabili...

8.8CVSS8.9AI score0.00241EPSS

Cvelist•added 2021/04/13 2:59 p.m.•12 views

CVE-2020-13566

8.8CVSS9.2AI score0.00063EPSS

CVE•added 2021/04/13 2:59 p.m.•48 views

CVE-2020-13566

CVE-2020-13566 affects phpGACL 3.3.7. The vulnerability is a SQL injection in admin/edit_group.php when action=Delete and the delete_group parameter is supplied, enabling crafted HTTP requests to inject SQL. Documents confirm affected software, the vulnerable component/file, and the underlying ca...

8.8CVSS9.1AI score0.00063EPSS

CNNVD•added 2021/04/13 12:0 a.m.•4 views

phpGACL SQL注入漏洞

phpGACL is an open source PHP class for Web developers to provide a simple but powerful "insert" permission system . For its current Web-based applications to use . Phpgacl version 3.3.7 SQL injection vulnerability , the vulnerability stems from the program admin/edit group.php page SQL injection...

8.8CVSS8.1AI score0.00241EPSS

CNNVD•added 2021/04/13 12:0 a.m.•4 views

phpGACL SQL注入漏洞

8.8CVSS8.1AI score0.00063EPSS

OpenVAS•added 2021/02/12 12:0 a.m.•13 views

OpenEMR <= 6.0.0 phpGACL Open Redirect Vulnerability

OpenEMR is prone to an open redirect vulnerability in the phpGACL library. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS6.2AI score0.03753EPSS

NVD•added 2021/02/10 8:15 p.m.•13 views

CVE-2020-13565

An open redirect vulnerability exists in the returnpage redirection functionality of phpGACL 3.3.7, OpenEMR 5.0.2 and OpenEMR development version 6.0.0 commit babec93f600ff1394f91ccd512bcad85832eb6ce. A specially crafted HTTP request can redirect users to an arbitrary URL. An attacker can provide...

6.1CVSS0.03753EPSS