What is CVE-2020-36112?

CVE-2020-36112 is a vulnerability in N/a. Published 2021-01-04.

Is CVE-2020-36112 known to be exploited?

10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2020-36112

CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based SQL injection in pubid parameter in bookPerPub.php and in cart.php. A successful exploitation of this vulnerability will lead to an attacke…

EPSS: 0.895 (99.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

20142995/nuclei-templates
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
Elsfa7-110/kenzer-templates
StarCrossPortal/scalpel
anonymous364872/Rapier_
apif-review/APIF_
apit-review-account/apit-tool
d4n-sec/d4n-sec.github.io
youcans896768/APIV_

References

www.exploit-db.com/exploits/49314 (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-36112?: CVE-2020-36112 is a vulnerability in N/a. Published 2021-01-04.
Is CVE-2020-36112 known to be exploited?: 10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.