CVE-2019-20179

SOPlanning 1.45 has SQL injection via the user_list.php "by" parameter.
Configurations

Configuration 1 (hide)

cpe:2.3:a:soplanning:soplanning:*:*:*:*:*:*:*:*

History

07 Nov 2023, 03:08

Type Values Removed Values Added
References
  • {'url': 'https://medium.com/@Pablo0xSantiago/cve-2019-20179-so-planning-1-45-sql-injection-5f0050ad81d1', 'name': 'https://medium.com/@Pablo0xSantiago/cve-2019-20179-so-planning-1-45-sql-injection-5f0050ad81d1', 'tags': ['Exploit', 'Third Party Advisory'], 'refsource': 'MISC'}
  • () https://medium.com/%40Pablo0xSantiago/cve-2019-20179-so-planning-1-45-sql-injection-5f0050ad81d1 -

Information

Published : 2020-01-09 22:15

Updated : 2024-02-28 17:28


NVD link : CVE-2019-20179

Mitre link : CVE-2019-20179

CVE.ORG link : CVE-2019-20179


JSON object : View

Products Affected

soplanning

  • soplanning
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')