CVE-2020-36539

MEDIUM

Lgico y Creativo 1.0 - SQL Injection via id Parameter

Title source: llm
STIX 2.1

Description

A vulnerability was found in Lógico y Creativo 1.0 and classified as critical. This issue affects some unknown processing. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely.

References (1)

Core 1
Core References
Third Party Advisory x_refsource_misc
https://vuldb.com/?id.159953

Scores

CVSS v3 6.3
EPSS 0.0062
EPSS Percentile 45.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (1)
logicoycreativo/logico_y_creativo 1.0
Published Jun 07, 2022
Tracked Since Feb 18, 2026