PT-2021-15687 · Unknown · Advanced Database Cleaner

Khanh

+1

·

Published

2021-03-18

·

Updated

2021-03-22

·

CVE-2021-24141

CVSS v3.1

7.2

High

VectorAV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Advanced Database Cleaner plugin versions prior to 3.0.2
Description: The issue arises from unvalidated input in the Advanced Database Cleaner plugin, leading to SQL injection. This allows high privilege users, such as administrators, to perform SQL attacks.
Recommendations: For versions prior to 3.0.2, update to version 3.0.2 or later to resolve the issue.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2021-24141

Affected Products

Advanced Database Cleaner