CVE-2020-12507

HIGH

s::can moni::tools <4.2 - SQL Injection

Title source: llm
STIX 2.1

Description

In s::can moni::tools before version 4.2 an authenticated attacker could get full access to the database through SQL injection. This may result in loss of confidentiality, loss of integrity and DoS.

References (1)

Core 1

Scores

CVSS v3 8.8
EPSS 0.0069
EPSS Percentile 48.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-89
Status published
Products (1)
badgermeter/moni\ \ tool
Published Nov 15, 2022
Tracked Since Feb 18, 2026