ID AKB:66A353E1-D685-4F59-9F14-5B981788E874
Type attackerkb
Reporter AttackerKB
Modified 2020-07-24T00:00:00


Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filter_cat was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and, in certain configurations, access the underlying operating system.

Recent assessments:

wvu-r7 at December 05, 2019 5:17pm UTC reported:

This is indeed post-auth SQLi. Users with credentialed access to internal services, such as a disgruntled employee, are potential attackers. The utility of this bug is low.

Assessed Attacker Value: 1
Assessed Attacker Value: 5