5 matches found
EUVD-2018-1940
Malware in sbrugna...
Trovebox SQL Injection Vulnerability
Trovebox is an open source image sharing and management platform. album is one of the album components. A SQL injection vulnerability exists in the album component in Trovebox versions prior to 4.0.0-rc6. A remote attacker can exploit this vulnerability by sending an HTTP request to view, add,...
Authentication flaw
Trovebox version = 4.0.0-rc6 contains a PHP Type juggling vulnerability in album view component that can result in Authentication bypass. This attack appear to be exploitable via HTTP Request. This vulnerability appears to have been fixed in after commit 742b8edbe...
Sql injection
Trovebox version = 4.0.0-rc6 contains a SQL Injection vulnerability in album component that can result in SQL code injection. This attack appear to be exploitable via HTTP request. This vulnerability appears to have been fixed in after commit 742b8ed...
Design/Logic Flaw
Trovebox version = 4.0.0-rc6 contains a Unsafe password reset token generation vulnerability in user component that can result in Password reset. This attack appear to be exploitable via HTTP request. This vulnerability appears to have been fixed in after commit 742b8ed...