CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-21809

SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4.3 via the (1) listid parameter in detail.php and the (2) group_price or groupid parameters in search_result.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2020-21809

Nukeviet » Nukeviet » Version: 4.0.29

cpe:2.3:a:nukeviet:nukeviet:4.0.29
Nukeviet » Nukeviet » Version: 4.1.00

cpe:2.3:a:nukeviet:nukeviet:4.1.00
Nukeviet » Nukeviet » Version: 4.1.01

cpe:2.3:a:nukeviet:nukeviet:4.1.01
Nukeviet » Nukeviet » Version: 4.1.02

cpe:2.3:a:nukeviet:nukeviet:4.1.02
Nukeviet » Nukeviet » Version: 4.2.00

cpe:2.3:a:nukeviet:nukeviet:4.2.00
Nukeviet » Nukeviet » Version: 4.2.01

cpe:2.3:a:nukeviet:nukeviet:4.2.01
Nukeviet » Nukeviet » Version: 4.2.02

cpe:2.3:a:nukeviet:nukeviet:4.2.02
Nukeviet » Nukeviet » Version: 4.2.03

cpe:2.3:a:nukeviet:nukeviet:4.2.03

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-21809

Products

Pricing

Contact Us