CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-25006

Heybbs v1.2 has a SQL injection vulnerability in login.php file via the username parameter which may allow a remote attacker to execute arbitrary code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.2%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://www.exploit-db.com/
https://www.jazzsec.com/2020/08/27/heybbs-has-three-file-sql-injection-vulnerabilities/
https://www.exploit-db.com/
https://www.jazzsec.com/2020/08/27/heybbs-has-three-file-sql-injection-vulnerabilities/

Products affected by CVE-2020-25006

Heybbs Project » Heybbs » Version: 1.2

cpe:2.3:a:heybbs_project:heybbs:1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-25006

Products

Pricing

Contact Us