CVE-2020-36648

Source
https://cve.org/CVERecord?id=CVE-2020-36648
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-36648.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-36648
Published
2023-01-08T10:15:11.793Z
Modified
2026-07-08T05:59:07.527520385Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability, which was classified as critical, was found in pouetnet pouet 2.0. This affects an unknown part. The manipulation of the argument howmany leads to sql injection. The identifier of the patch is 11d615931352066fb2f6dcb07428277c2cd99baf. It is recommended to apply a patch to fix this issue. The identifier VDB-217641 was assigned to this vulnerability.

Database specific
{
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "fixed": "06-22-2020"
                }
            ],
            "source": "CPE_RANGE",
            "vendor_product": "pouet:pouet2.0",
            "cpes": [
                "cpe:2.3:a:pouet:pouet2.0:*:*:*:*:*:*:*:*"
            ]
        }
    ]
}
References

Affected packages

Git / github.com/pouetnet/pouet-www-v2.0

Affected ranges

Type
GIT
Repo
https://github.com/pouetnet/pouet-www-v2.0
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": "REFERENCES"
}

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-36648.json"