Vulnerability Details CVE-2020-10512
HGiga C&Cmail CCMAILQ before olln-calendar-6.0-100.i386.rpm and CCMAILN before olln-calendar-5.0-100.i386.rpm contains a SQL Injection vulnerability which allows attackers to injecting SQL commands in the URL parameter to execute unauthorized commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.8%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
- https://gist.github.com/tonykuo76/d52014bbe81995eda499201446aec57a
- https://www.chtsecurity.com/news/545daf88-adb4-4417-9870-426490c1429e
- https://www.twcert.org.tw/tw/cp-132-3536-79545-1.html
- https://gist.github.com/tonykuo76/d52014bbe81995eda499201446aec57a
- https://www.chtsecurity.com/news/545daf88-adb4-4417-9870-426490c1429e
- https://www.twcert.org.tw/tw/cp-132-3536-79545-1.html
Products affected by CVE-2020-10512
-
cpe:2.3:a:hgiga:oaklouds_ccm@il:-