CVE-2020-20296

An issue was found in CMSWing project version 1.3.8, Because the rechargeAction function does not check the balance parameter, malicious parameters can execute arbitrary SQL commands.
References
Link Resource
https://github.com/arterli/CmsWing/issues/51 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:cmswing:cmswing:1.3.8:*:*:*:*:*:*:*

Information

Published : 2021-02-01 06:15

Updated : 2021-02-02 03:58


NVD link : CVE-2020-20296

Mitre link : CVE-2020-20296

Products Affected
No products.
CWE