Vulnerabilities > Cmswing > Cmswing > 1.3.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-01 | CVE-2020-20296 | SQL Injection vulnerability in Cmswing 1.3.8 An issue was found in CMSWing project version 1.3.8, Because the rechargeAction function does not check the balance parameter, malicious parameters can execute arbitrary SQL commands. | 7.5 |
2021-02-01 | CVE-2020-20295 | SQL Injection vulnerability in Cmswing 1.3.8 An issue was found in CMSWing project version 1.3.8. | 7.5 |
2021-02-01 | CVE-2020-20294 | SQL Injection vulnerability in Cmswing 1.3.8 An issue was found in CMSWing project version 1.3.8. | 7.5 |