CVE-2020-23630: SQL Injection
First published: Mon Jan 11 2021(Updated: )
A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zzcms Zzcms | =201910 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-23630?
CVE-2020-23630 is a blind SQL injection vulnerability that exists in zzcms ver201910 based on time (cookie injection).
What is the severity of CVE-2020-23630?
The severity of CVE-2020-23630 is high with a CVSS score of 8.8.
How does the blind SQL injection vulnerability in zzcms ver201910 based on time (cookie injection) work?
The blind SQL injection vulnerability in zzcms ver201910 allows an attacker to inject malicious SQL queries into the application's database through a time-based attack technique.
What is the affected software for CVE-2020-23630?
The affected software for CVE-2020-23630 is zzcms ver201910.
How can I fix the blind SQL injection vulnerability in zzcms ver201910?
To fix the blind SQL injection vulnerability in zzcms ver201910, it is recommended to update to a patched version of the software or apply any available security patches provided by the vendor.
- collector/nvd-index
- agent/event
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/zzcms
- canonical/zzcms zzcms
- version/zzcms zzcms/201910