Vulnerability Details CVE-2020-15925
A SQL injection vulnerability at a tpf URI in Loway QueueMetrics before 19.10.21 allows remote authenticated attackers to execute arbitrary SQL commands via the TPF_XPAR1 parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2020-15925
-
cpe:2.3:a:loway:queuemetrics:-
-
cpe:2.3:a:loway:queuemetrics:12.01
-
cpe:2.3:a:loway:queuemetrics:12.02
-
cpe:2.3:a:loway:queuemetrics:12.05
-
cpe:2.3:a:loway:queuemetrics:12.10
-
cpe:2.3:a:loway:queuemetrics:13.04
-
cpe:2.3:a:loway:queuemetrics:13.12
-
cpe:2.3:a:loway:queuemetrics:14.03
-
cpe:2.3:a:loway:queuemetrics:14.06
-
cpe:2.3:a:loway:queuemetrics:14.10
-
cpe:2.3:a:loway:queuemetrics:15.02
-
cpe:2.3:a:loway:queuemetrics:15.10
-
cpe:2.3:a:loway:queuemetrics:16.09
-
cpe:2.3:a:loway:queuemetrics:17.06
-
cpe:2.3:a:loway:queuemetrics:17.06.1
-
cpe:2.3:a:loway:queuemetrics:18.04
-
cpe:2.3:a:loway:queuemetrics:19.04
-
cpe:2.3:a:loway:queuemetrics:19.04.1
-
cpe:2.3:a:loway:queuemetrics:19.10