Lucene search
MitreCVELIST:CVE-2021-3286HistoryJan 24, 2021 - 8:41 a.m.
CVE-2021-3286
2021-01-2408:41:02
mitre
www.cve.org
4
cve-2021-3286
sql injection
spotweb 1.4.9
incomplete fix
SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands protection mechanism is inadequate, e.g., a variation of the payload may be used. NOTE: this issue exists because of an incomplete fix for CVE-2020-35545.
References
Related
debiancve
debiancve
CVE-2021-3286
2021-01-26 18:16:29
CVE-2020-35545
2020-12-17 20:15:14
osv
osv
CVE-2021-3286
2021-01-26 18:16:29
CVE-2020-35545
2020-12-17 20:15:14
ubuntucve
ubuntucve
CVE-2021-3286
2021-01-26 00:00:00
CVE-2020-35545
2020-12-17 00:00:00
nvd
nvd
CVE-2021-3286
2021-01-26 18:16:29
CVE-2020-35545
2020-12-17 20:15:14
prion
prion
Sql injection
2021-01-26 18:16:00
Sql injection
2020-12-17 20:15:00
cve
cve
CVE-2021-3286
2021-01-26 18:16:29
CVE-2020-35545
2020-12-17 20:15:14
cvelist
cvelist
CVE-2020-35545
2020-12-17 19:46:25
exploitdb
exploitdb
Spotweb 1.4.9 - 'search' SQL Injection
2020-12-21 00:00:00
packetstorm
packetstorm
Spotweb 1.4.9 SQL Injection
2020-12-20 00:00:00
checkpoint_advisories
checkpoint_advisories
Unauthorized SQL Commands Over HTTP (CVE-2020-15153; CVE-2020-35545)
2021-06-20 00:00:00