CVE-2020-23945: SQL Injection
First published: Tue Oct 27 2020(Updated: )
A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the database.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Victor Cms Project Victor Cms | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-23945?
CVE-2020-23945 is a SQL injection vulnerability in Victor CMS V1.0 that exists in the cat_id parameter of the category.php file.
How severe is CVE-2020-23945?
CVE-2020-23945 has a severity score of 7.5 (High).
How can the SQL injection vulnerability in Victor CMS V1.0 be exploited?
The SQL injection vulnerability in Victor CMS V1.0 can be exploited by manipulating the cat_id parameter in the category.php file to execute unauthorized SQL queries.
Is there a fix for CVE-2020-23945?
Yes, an update or patch provided by Victor CMS Project to address the SQL injection vulnerability in Victor CMS V1.0.
Where can I find more information about CVE-2020-23945?
You can find more information about CVE-2020-23945 in the GitHub issue: https://github.com/VictorAlagwu/CMSsite/issues/14.
- collector/nvd-index
- agent/author
- agent/severity
- agent/weakness
- agent/references
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- vendor/victor cms project
- canonical/victor cms project victor cms
- version/victor cms project victor cms/1.0