返回 CVE 瀏覽器

CVE-2020-23978

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0170%

EPSS Percentile11.95th

Published2020年8月27日

Last Modified2024年11月21日

Vulnerability Description

SQL injection can occur in Soluzione Globale Ecommerce CMS v1 via the parameter " offerta.php"

Affected Platforms (CPE)

📦

Soluzioneglobale

Ecommerce Cms

= 1.0

References & Advisories

🔗 https://cxsecurity.com/issue/WLB-2020030150

🔗 https://packetstormsecurity.com/files/156939/Soluzione-Globale-Ecommerce-CMS-1-SQL-Injection.html

🔗 https://cxsecurity.com/issue/WLB-2020030150

🔗 https://packetstormsecurity.com/files/156939/Soluzione-Globale-Ecommerce-CMS-1-SQL-Injection.html

相關漏洞威脅

CVE-2020-239769.8

Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has SQL Injection via the 'content.php' id parameter.

CVE-2006-50966.8

Multiple cross-site scripting (XSS) vulnerabilities in index.php in VirtueMart (formerly known as mambo-phpShop) Joomla! eCommerce...

CVE-2020-239756.1

Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross site scripting via the 'search.php' id parameter.

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...