First published: Tue Oct 27 2020(Updated: )
A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the database.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Victor Cms Project Victor Cms | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-23945 is a SQL injection vulnerability in Victor CMS V1.0 that exists in the cat_id parameter of the category.php file.
CVE-2020-23945 has a severity score of 7.5 (High).
The SQL injection vulnerability in Victor CMS V1.0 can be exploited by manipulating the cat_id parameter in the category.php file to execute unauthorized SQL queries.
Yes, an update or patch provided by Victor CMS Project to address the SQL injection vulnerability in Victor CMS V1.0.
You can find more information about CVE-2020-23945 in the GitHub issue: https://github.com/VictorAlagwu/CMSsite/issues/14.