Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:EF2668A4-B826-4AC8-9DB1-56C4EB2E28C1
HistoryDec 09, 2020 - 12:00 a.m.

DiveBook <= 1.1.4 - Unauthenticated SQL Injection

2020-12-0900:00:00
wpscan.com
7
divebook
unauthenticated
sql injection
filter_diver
parameter
vulnerability

EPSS

0.001

Percentile

36.2%

JSON

The filter_diver GET parameter, in pages where the DiveBook is embed, does not properly sanitise and validate user data, leading to an Unauthenticated SQL injection vulnerability.

PoC

The PoC will be displayed once the issue has been remediated

Related

cvelist 1
patchstack 1
wpexploit 1
prion 1
nvd 1
cve 1
cvelist
cvelist
CVE-2020-14207
2020-12-08 19:50:21
patchstack
patchstack
WordPress DiveBook plugin <= 1.1.4 - Unauthenticated SQL Injection (SQLi) vulnerability
2020-12-09 00:00:00
wpexploit
wpexploit
DiveBook <= 1.1.4 - Unauthenticated SQL Injection
2020-12-09 00:00:00
prion
prion
Sql injection
2020-12-08 20:15:00
nvd
nvd
CVE-2020-14207
2020-12-08 20:15:15
cve
cve
CVE-2020-14207
2020-12-08 20:15:15

EPSS

0.001

Percentile

36.2%

JSON
Related for WPVDB-ID:EF2668A4-B826-4AC8-9DB1-56C4EB2E28C1
cvelist1patchstack1wpexploit1prion1nvd1cve1