Description
A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability.
References (3)
Core 3
Core References
Third Party Advisory vdb-entry
technical-description
https://vuldb.com/?id.217641
Third Party Advisory signature
permissions-required
https://vuldb.com/?ctiid.217641
Scores
CVSS v3
5.5
EPSS
0.0034
EPSS Percentile
56.6%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-89
Status
published
Products (1)
pouet/pouet2.0
< 06-22-2020
Published
Jan 08, 2023
Tracked Since
Feb 18, 2026