{"id":7760,"date":"2020-07-01T19:52:16","date_gmt":"2020-07-02T02:52:16","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=zerodays&p=7760"},"modified":"2023-02-27T12:55:45","modified_gmt":"2023-02-27T19:55:45","slug":"cve-2020-24600-sql-injection-in-capexweb","status":"publish","type":"zerodays","link":"https:\/\/webdev.securin.xyz\/zerodays\/cve-2020-24600-sql-injection-in-capexweb\/","title":{"rendered":"CVE-2020-24600 – SQL Injection in CAPExWeb"},"content":{"rendered":"

The GET request parameters in servlet\/capexweb.cap_sendMail are vulnerable to SQL Injection. An unauthenticated user can take over the database of the application.<\/p>\n","protected":false},"featured_media":9984,"parent":0,"menu_order":0,"template":"","vulnerability_categories":[],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays\/7760"}],"collection":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays"}],"about":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/types\/zerodays"}],"version-history":[{"count":8,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays\/7760\/revisions"}],"predecessor-version":[{"id":15329,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays\/7760\/revisions\/15329"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media\/9984"}],"wp:attachment":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media?parent=7760"}],"wp:term":[{"taxonomy":"vulnerability_categories","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/vulnerability_categories?post=7760"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}