CVE-2020-23685

Published November 2nd, 2021

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

SQL Injection vulnerability in 188Jianzhan v2.1.0, allows attackers to execute arbitrary code and gain escalated privileges, via the username parameter to login.php.

vtime-tech/188Jianzhan

188建站由辽宁微时光科技有限公司自主研发，已获得计算机软件著作权证书，现开源第一版，第一版遵循GPL 3.0协议开源。

GitHub