Share:

CVE-2020-9268 - Soplanning Soplanning

February 19, 2020

Critical 7.5

SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets.php?order=nom_createur&by= substring.

Affected software

Soplanning Soplanning

Reference links

https://github.com/J3rryBl4nks/SOPlanning/blob/master/SQLInjectionProjects.md

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.