Search criteria
2 vulnerabilities found for pouet by pouetnet
CVE-2020-36648 (GCVE-0-2020-36648)
Vulnerability from nvd – Published: 2023-01-08 09:21 – Updated: 2024-08-04 17:30
VLAI?
Title
pouetnet pouet sql injection
Summary
A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability.
Severity ?
5.5 (Medium)
5.5 (Medium)
CWE
- CWE-89 - SQL Injection
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:30:08.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.217641"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.217641"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "pouet",
"vendor": "pouetnet",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "VulDB GitHub Commit Analyzer"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in pouetnet pouet 2.0 gefunden. Hiervon betroffen ist ein unbekannter Codeblock. Mittels Manipulieren des Arguments howmany mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Patch wird als 11d615931352066fb2f6dcb07428277c2cd99baf bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 SQL Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T13:13:55.270Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.217641"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.217641"
},
{
"tags": [
"patch"
],
"url": "https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-01-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-01-08T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-01-08T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-01-30T08:34:35.000Z",
"value": "VulDB entry last update"
}
],
"title": "pouetnet pouet sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2020-36648",
"datePublished": "2023-01-08T09:21:41.318Z",
"dateReserved": "2023-01-08T09:21:09.125Z",
"dateUpdated": "2024-08-04T17:30:08.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36648 (GCVE-0-2020-36648)
Vulnerability from cvelistv5 – Published: 2023-01-08 09:21 – Updated: 2024-08-04 17:30
VLAI?
Title
pouetnet pouet sql injection
Summary
A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability.
Severity ?
5.5 (Medium)
5.5 (Medium)
CWE
- CWE-89 - SQL Injection
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:30:08.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.217641"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.217641"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "pouet",
"vendor": "pouetnet",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "VulDB GitHub Commit Analyzer"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in pouetnet pouet 2.0 gefunden. Hiervon betroffen ist ein unbekannter Codeblock. Mittels Manipulieren des Arguments howmany mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Patch wird als 11d615931352066fb2f6dcb07428277c2cd99baf bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 SQL Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T13:13:55.270Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.217641"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.217641"
},
{
"tags": [
"patch"
],
"url": "https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-01-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-01-08T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-01-08T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-01-30T08:34:35.000Z",
"value": "VulDB entry last update"
}
],
"title": "pouetnet pouet sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2020-36648",
"datePublished": "2023-01-08T09:21:41.318Z",
"dateReserved": "2023-01-08T09:21:09.125Z",
"dateUpdated": "2024-08-04T17:30:08.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}