CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-14972

Multiple SQL injection vulnerabilities in Sourcecodester Pisay Online E-Learning System 1.0 allow remote unauthenticated attackers to bypass authentication and achieve Remote Code Execution (RCE) via the user_email, user_pass, and id parameters on the admin login-portal and the edit-lessons webpages.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://www.exploit-db.com/exploits/48439
https://www.sourcecodester.com
https://www.exploit-db.com/exploits/48439
https://www.sourcecodester.com

Products affected by CVE-2020-14972

Pisay Online E-Learning System Project » Pisay Online E-Learning System » Version: 1.0

cpe:2.3:a:pisay_online_e-learning_system_project:pisay_online_e-learning_system:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-14972

Products

Pricing

Contact Us