CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-21665

In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL /admin/ajax/weigh.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.2%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

https://github.com/karsonzhang/fastadmin/commit/e14008ca029d644e2486873fa22629a1d62a7380
https://github.com/karsonzhang/fastadmin/commit/e14008ca029d644e2486873fa22629a1d62a7380

Products affected by CVE-2020-21665

Fastadmin » Fastadmin » Version: 1.0.0.20191212

cpe:2.3:a:fastadmin:fastadmin:1.0.0.20191212

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-21665

Products

Pricing

Contact Us