PT-2023-11815 · Unknown · Square Squalor
Published
2023-01-07
·
Updated
2026-02-18
·
CVE-2020-36645
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
square squalor versions prior to v0.0.0
Description
A critical issue was found in square squalor, affecting an unknown part, leading to sql injection. The manipulation with the
table name parameter is potentially vulnerable to SQL injection.Recommendations
For versions prior to v0.0.0, upgrade to version v0.0.0 to address this issue. As a temporary workaround, consider restricting the use of the
table name parameter to minimize the risk of exploitation.Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Square Squalor