{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2020-36648","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2023-01-08T09:21:09.125Z","datePublished":"2023-01-08T09:21:41.318Z","dateUpdated":"2024-08-04T17:30:08.329Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2023-10-20T13:13:55.270Z"},"title":"pouetnet pouet sql injection","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-89","lang":"en","description":"CWE-89 SQL Injection"}]}],"affected":[{"vendor":"pouetnet","product":"pouet","versions":[{"version":"2.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability."},{"lang":"de","value":"Es wurde eine kritische Schwachstelle in pouetnet pouet 2.0 gefunden. Hiervon betroffen ist ein unbekannter Codeblock. Mittels Manipulieren des Arguments howmany mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Patch wird als 11d615931352066fb2f6dcb07428277c2cd99baf bezeichnet. Als bestmögliche Massnahme wird Patching empfohlen."}],"metrics":[{"cvssV3_1":{"version":"3.1","baseScore":5.5,"vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":5.5,"vectorString":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":5.2,"vectorString":"AV:A/AC:L/Au:S/C:P/I:P/A:P"}}],"timeline":[{"time":"2023-01-08T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2023-01-08T00:00:00.000Z","lang":"en","value":"CVE reserved"},{"time":"2023-01-08T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2023-01-30T08:34:35.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"VulDB GitHub Commit Analyzer","type":"tool"}],"references":[{"url":"https://vuldb.com/?id.217641","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.217641","tags":["signature","permissions-required"]},{"url":"https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf","tags":["patch"]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T17:30:08.329Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.217641","tags":["vdb-entry","technical-description","x_transferred"]},{"url":"https://vuldb.com/?ctiid.217641","tags":["signature","permissions-required","x_transferred"]},{"url":"https://github.com/pouetnet/pouet2.0/commit/11d615931352066fb2f6dcb07428277c2cd99baf","tags":["patch","x_transferred"]}]}]}}