CVEDB API

HGiga MailSherlock contains a SQL injection flaw. Attackers can inject and launch SQL commands in a URL parameter of specific cgi pages.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.9%

CVSS Severity

CVSS v3 Score 7.0

CVSS v2 Score 6.5

References

Products affected by CVE-2020-35743

Hgiga » Msr45 Isherlock-Antispam » Version: 4.5-130

cpe:2.3:a:hgiga:msr45_isherlock-antispam:4.5-130
Hgiga » Msr45 Isherlock-User » Version: 4.5-114

cpe:2.3:a:hgiga:msr45_isherlock-user:4.5-114
Hgiga » Msr45 Isherlock-User » Version: 4.5-115

cpe:2.3:a:hgiga:msr45_isherlock-user:4.5-115
Hgiga » Msr45 Isherlock-User » Version: 4.5-117

cpe:2.3:a:hgiga:msr45_isherlock-user:4.5-117
Hgiga » Msr45 Isherlock-User » Version: 4.5-81

cpe:2.3:a:hgiga:msr45_isherlock-user:4.5-81
Hgiga » Ssr45 Isherlock-Antispam » Version: 4.5-130

cpe:2.3:a:hgiga:ssr45_isherlock-antispam:4.5-130
Hgiga » Ssr45 Isherlock-User » Version: 4.5-114

cpe:2.3:a:hgiga:ssr45_isherlock-user:4.5-114
Hgiga » Ssr45 Isherlock-User » Version: 4.5-115

cpe:2.3:a:hgiga:ssr45_isherlock-user:4.5-115
Hgiga » Ssr45 Isherlock-User » Version: 4.5-117

cpe:2.3:a:hgiga:ssr45_isherlock-user:4.5-117