4 matches found
CVE-2015-10084
A vulnerability was found in irontec klear-library chloe and classified as critical. Affected by this issue is the function prepareWhere of the file Controller/Rest/BaseController.php. The manipulation leads to sql injection. Upgrading to version marla is able to address this issue. The name of t...
Sql injection
A vulnerability was found in irontec klear-library chloe and classified as critical. Affected by this issue is the function prepareWhere of the file Controller/Rest/BaseController.php. The manipulation leads to sql injection. Upgrading to version marla is able to address this issue. The name of t...
CVE-2015-10084 irontec klear-library BaseController.php _prepareWhere sql injection
A vulnerability was found in irontec klear-library chloe and classified as critical. Affected by this issue is the function prepareWhere of the file Controller/Rest/BaseController.php. The manipulation leads to sql injection. Upgrading to version marla is able to address this issue. The name of t...
Information Disclosure
craftcms/cms is vulnerable to information disclosure. A malicious user can use the redirect URL parameter in src/controllers/BaseController.php to display arbitrary sensitive information...