Vulnerability Details CVE-2020-11812
Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the filters[0][value] or filters[1][value] parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-filters0value.html
- https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-filters1value.html
- https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-filters0value.html
- https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-filters1value.html
Products affected by CVE-2020-11812
-
cpe:2.3:a:rukovoditel:rukovoditel:2.5.2