1 results (0.003 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-4261 – pacman-canvas db-handler.php addHighscore sql injection
https://notcve.org/view.php?id=CVE-2021-4261
A vulnerability classified as critical has been found in pacman-canvas up to 1.0.5. Affected is the function addHighscore of the file data/db-handler.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. Upgrading to version 1.0.6 is able to address this issue. • https://github.com/platzhersh/pacman-canvas/commit/29522c90ca1cebfce6453a5af5a45281d99b0646 https://github.com/platzhersh/pacman-canvas/releases/tag/1.0.6 https://vuldb.com/?id.216270 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-707: Improper Neutralization •