SQL Injection Vulnerability in ThinkJS 3.2.10 Model Increment and Decrement Functions
CVE-2020-21176 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SQL injection vulnerability in the model.increment and model.decrement function in ThinkJS 3.2.10 allows remote attackers to execute arbitrary SQL commands via the step parameter.
Learn more about our Web Application Penetration Testing UK.