CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-20163

A vulnerability has been found in Red Snapper NView and classified as critical. This vulnerability affects the function mutate of the file src/Session.php. The manipulation of the argument session leads to sql injection. The name of the patch is cbd255f55d476b29e5680f66f48c73ddb3d416a8. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217516.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.8%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 5.2

References

https://github.com/RedSnapper/NView/commit/cbd255f55d476b29e5680f66f48c73ddb3d416a8
https://vuldb.com/?ctiid.217516
https://vuldb.com/?id.217516
https://github.com/RedSnapper/NView/commit/cbd255f55d476b29e5680f66f48c73ddb3d416a8
https://vuldb.com/?ctiid.217516
https://vuldb.com/?id.217516

Products affected by CVE-2017-20163

Nview Project » Nview » Version: Any

cpe:2.3:a:nview_project:nview:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-20163

Products

Pricing

Contact Us