CVE-2020-21119

Name of the Vulnerable Software and Affected Versions Kliqqi-CMS version 2.0.2

Description The issue allows attackers to gain escalated privileges and execute arbitrary code through a SQL Injection vulnerability in the admin/admin update module widgets.php file, specifically in the recordIDValue parameter.

Recommendations For Kliqqi-CMS version 2.0.2, consider restricting access to the admin/admin update module widgets.php file until a patch is available, and avoid using the recordIDValue parameter in this context to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.