4 matches found
EUVD-2018-21768
Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate database queries by injecting SQL code through the name field in SystemProfileForm. Attackers can submit crafted SQL statements in the profile edit endpoint to modify user...
CVE-2018-25257 Adianti Framework 5.5.0 and 5.6.0 SQL Injection via Profile
Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate database queries by injecting SQL code through the name field in SystemProfileForm. Attackers can submit crafted SQL statements in the profile edit endpoint to modify user...
CVE-2018-25257
CVE-2018-25257 – Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability. An authenticated user can inject SQL code via the name field in SystemProfileForm's profile edit endpoint to manipulate queries, potentially modifying user credentials and gaining administrative access. Af...
CVE-2018-25257
Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate database queries by injecting SQL code through the name field in SystemProfileForm. Attackers can submit crafted SQL statements in the profile edit endpoint to modify user...