oM noM Security Feeds
cve
about
trending
pre-kev
api
reader
pro
vulnerability context
CVE-2020-35846
CVSS 9.8 CRITICAL
EPSS 99%+
CWE-89
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function.
Published
2020-12-30
· last modified
2026-06-17
details
CISA KEV status
Not in catalog
CVSS v3
9.8 / CRITICAL
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
99%+ percentile (score 0.9320)
CWE
CWE-89
View on NVD →
·
cve.org
source mentions
1
[CyberHub] 📌 CVE-2020-35846 - Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function....
Bluesky:@cyberhub.blog
·
1h ago
source consensus
Bluesky:@cyberhub.blog
1×
Want the 3-bullet summary of CVE-2020-35846, plus webhook alerts when KEV is updated?
Pro is $10/mo.
Open in reader
See Pro →