CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2017-20163 – Red Snapper NView Session.php mutate sql injection
https://notcve.org/view.php?id=CVE-2017-20163
05 Jan 2023 — A vulnerability has been found in Red Snapper NView and classified as critical. This vulnerability affects the function mutate of the file src/Session.php. The manipulation of the argument session leads to sql injection. The name of the patch is cbd255f55d476b29e5680f66f48c73ddb3d416a8. It is recommended to apply a patch to fix this issue. • https://github.com/RedSnapper/NView/commit/cbd255f55d476b29e5680f66f48c73ddb3d416a8 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2005-4595
https://notcve.org/view.php?id=CVE-2005-4595
31 Dec 2005 — Untrusted search path vulnerability (RPATH) in XnView 1.70 and NView 4.51 on Gentoo Linux allows local users to execute arbitrary code via a malicious library in the current working directory. • http://bugs.gentoo.org/show_bug.cgi?id=117063 •