High severity8.8NVD Advisory· Published Jun 1, 2020· Updated Jun 17, 2026
CVE-2020-13694
CVE-2020-13694
Description
In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user can execute sudo mysql without a password, which means that the www-data user can execute arbitrary OS commands via the mysql -e option.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- QuickBox/QuickBoxdescription
- Range: <=2.5.5
- Range: <=2.1.8
Patches
Vulnerability mechanics
References
1- s1gh.sh/cve-2020-13448-quickbox-authenticated-rce/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.