Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-24	CVE-2020-35337	SQL Injection vulnerability in Thinksaas ThinkSAAS before 3.38 contains a SQL injection vulnerability through app/topic/action/admin/topic.php via the title parameter, which allows remote attackers to execute arbitrary SQL commands. network low complexity thinksaas CWE-89 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.