CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-36030

Project-nexus is a general-purpose blog website framework. Affected versions are subject to SQL injection due to a lack of sensitization of user input. This issue has not yet been patched. Users are advised to restrict user input and to upgrade when a new release becomes available.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.1%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/vinsdragonis/Project-Nexus/security/advisories/GHSA-3pv7-25cc-mjvv
https://github.com/vinsdragonis/Project-Nexus/security/advisories/GHSA-3pv7-25cc-mjvv

Products affected by CVE-2022-36030

Project-Nexus Project » Project-Nexus » Version: 1.0.1

cpe:2.3:a:project-nexus_project:project-nexus:1.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-36030

Products

Pricing

Contact Us