CVE-2020-36626

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-36626

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-36626.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-36626

Published

2022-12-27T15:15:11.310Z

Modified

2026-04-02T06:46:30.323179Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

A vulnerability classified as critical has been found in Modern Tribe Panel Builder Plugin. Affected is the function addpostcontentfilteredtosearchsql of the file ModularContent/SearchFilter.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 4528d4f855dbbf24e9fc12a162fda84ce3bedc2f. It is recommended to apply a patch to fix this issue. VDB-216738 is the identifier assigned to this vulnerability.

References

Affected packages

Git / github.com/moderntribe/panel-builder

Affected ranges

Type: GIT
Repo: https://github.com/moderntribe/panel-builder
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4528d4f855dbbf24e9fc12a162fda84ce3bedc2f

Type: GIT
Repo: https://github.com/moderntribe/panel-builder
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4528d4f855dbbf24e9fc12a162fda84ce3bedc2f

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-36626.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "2020-05-08"
            }
        ]
    }
]