Skip to main content

Gnuteca

2 CVEs product

Monthly

CVE-2020-12766 CRITICAL Act Now

Gnuteca 3.8 allows action=main:search:simpleSearch SQL Injection via the exemplaryStatusId parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Gnuteca
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2020-12764 MEDIUM POC This Month

Gnuteca 3.8 allows file.php?folder=/&file= Directory Traversal. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Gnuteca
NVD GitHub
CVSS 3.1
5.3
EPSS
1.3%
EPSS 1% CVSS 9.8
CRITICAL Act Now

Gnuteca 3.8 allows action=main:search:simpleSearch SQL Injection via the exemplaryStatusId parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Gnuteca
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC This Month

Gnuteca 3.8 allows file.php?folder=/&file= Directory Traversal. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Gnuteca
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy