CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-36136

SQL Injection vulnerability in cskaza cszcms version 1.2.9, allows attackers to gain sensitive information via pm_sendmail parameter in csz_model.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 15.0%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/cskaza/cszcms/issues/26
https://github.com/cskaza/cszcms/issues/26

Products affected by CVE-2020-36136

Cskaza » Cszcms » Version: 1.2.9

cpe:2.3:a:cskaza:cszcms:1.2.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-36136

Products

Pricing

Contact Us