Search

Find a vulnerability

Search criteria

    2 vulnerabilities by pouet

    CVE-2020-36648 (GCVE-0-2020-36648)

    Vulnerability from nvd – Published: 2023-01-08 09:21 – Updated: 2024-08-04 17:30
    VLAI
    Title
    pouetnet pouet sql injection
    Summary
    A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability.
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.217641 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.217641 signaturepermissions-required
    https://github.com/pouetnet/pouet2.0/commit/11d61… patch
    Impacted products
    Vendor Product Version
    pouetnet pouet Affected: 2.0
    Create a notification for this product.
    Credits
    VulDB GitHub Commit Analyzer
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T17:30:08.329Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.217641"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.217641"
              },
              {
                "tags": [
                  "patch",
                  "x_transferred"
                ],
                "url": "https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pouet",
              "vendor": "pouetnet",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "tool",
              "value": "VulDB GitHub Commit Analyzer"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability."
            },
            {
              "lang": "de",
              "value": "Es wurde eine kritische Schwachstelle in pouetnet pouet 2.0 gefunden. Hiervon betroffen ist ein unbekannter Codeblock. Mittels Manipulieren des Arguments howmany mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Patch wird als 11d615931352066fb2f6dcb07428277c2cd99baf bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5.2,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-20T13:13:55.270Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.217641"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.217641"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-01-08T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-01-08T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-01-08T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-01-30T08:34:35.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "pouetnet pouet sql injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2020-36648",
        "datePublished": "2023-01-08T09:21:41.318Z",
        "dateReserved": "2023-01-08T09:21:09.125Z",
        "dateUpdated": "2024-08-04T17:30:08.329Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-36648 (GCVE-0-2020-36648)

    Vulnerability from cvelistv5 – Published: 2023-01-08 09:21 – Updated: 2024-08-04 17:30
    VLAI
    Title
    pouetnet pouet sql injection
    Summary
    A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability.
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.217641 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.217641 signaturepermissions-required
    https://github.com/pouetnet/pouet2.0/commit/11d61… patch
    Impacted products
    Vendor Product Version
    pouetnet pouet Affected: 2.0
    Create a notification for this product.
    Credits
    VulDB GitHub Commit Analyzer
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T17:30:08.329Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.217641"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.217641"
              },
              {
                "tags": [
                  "patch",
                  "x_transferred"
                ],
                "url": "https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pouet",
              "vendor": "pouetnet",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "tool",
              "value": "VulDB GitHub Commit Analyzer"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability."
            },
            {
              "lang": "de",
              "value": "Es wurde eine kritische Schwachstelle in pouetnet pouet 2.0 gefunden. Hiervon betroffen ist ein unbekannter Codeblock. Mittels Manipulieren des Arguments howmany mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Patch wird als 11d615931352066fb2f6dcb07428277c2cd99baf bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 5.2,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-20T13:13:55.270Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.217641"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.217641"
            },
            {
              "tags": [
                "patch"
              ],
              "url": "https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-01-08T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-01-08T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-01-08T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-01-30T08:34:35.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "pouetnet pouet sql injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2020-36648",
        "datePublished": "2023-01-08T09:21:41.318Z",
        "dateReserved": "2023-01-08T09:21:09.125Z",
        "dateUpdated": "2024-08-04T17:30:08.329Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }