CVE-2017-20137 in B2B Scriptinfo

Summary

A vulnerability was found in Itech B2B Script 4.28. It has been rated as critical. This issue affects some unknown processing of the file /catcompany.php. The manipulation of the argument token with the input 704667c6a1e7ce56d3d6fa748ab6d9af3fd7' AND 6539=6539 AND 'Fakj'='Fakj leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsible

VulDB

Reservation

06/28/2022

Disclosure

07/16/2022

Moderation

VulDB entry created

Entries

VDB-96281

CPE

ready

CWE

CWE-89 (Confirmed)

Exploit

Download

CVSS

6.7

EPSS

0.00282

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-20137
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-20137
CVE Details	https://www.cvedetails.com/cve/CVE-2017-20137/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!