An unauthenticated SQL Injection vulnerability exists in RosarioSIS before 7.6.1 via the votes parameter in ProgramFunctions/PortalPollsNotes.fnc.php.
CPE | Name | Operator | Version |
---|---|---|---|
rosariosis | eq | 6.8 | |
rosariosis | eq | 2.1.1 | |
rosariosis | eq | 5.0-beta4 | |
rosariosis | eq | 2.8.1 | |
rosariosis | eq | 5.4.1 | |
rosariosis | eq | 5.6.4 | |
rosariosis | eq | 2.8.8 | |
rosariosis | eq | 5.7.2 | |
rosariosis | eq | 2.8.12 | |
rosariosis | eq | 2.8.25 |
gitlab.com/francoisjacquet/rosariosis/-/blob/mobile/CHANGES.md#changes-in-761
gitlab.com/francoisjacquet/rosariosis/-/commit/519af055a4fdc1362657d75bca76f9c95a081eaa
gitlab.com/francoisjacquet/rosariosis/-/commit/e001430aa9fb53d2502fb6f036f6c51c578d2016
gitlab.com/francoisjacquet/rosariosis/-/issues/308