CVE-2018-11801

2019-06-1117:29:00

Google

osv.dev

8.5 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.6%

JSON

SQL injection vulnerability in Apache Fineract before 1.3.0 allows attackers to execute arbitrary SQL commands via a query on a m_center data related table.

CPENameOperatorVersion
fineracteqmifosplatform-1.9.0-tag
fineracteq1.2.0
fineracteq1.1.0
fineracteqmifosplatform-0.12.0.beta
fineracteq1.0.0

Name	Operator	Version
fineract	eq	mifosplatform-1.9.0-tag
fineract	eq	1.2.0
fineract	eq	1.1.0
fineract	eq	mifosplatform-0.12.0.beta
fineract	eq	1.0.0

References

www.openwall.com/lists/oss-security/2019/05/09/1

www.securityfocus.com/bid/108291

lists.apache.org/thread.html/32aa471180f8978b5f0ed64fcd862769f73c40bbe6cb948abdc899bf%40%3Cdev.fineract.apache.org%3E