2 matches found
doorGets SQL Injection Vulnerability (CNVD-2019-13801)
DoorGets is a free and open source content management system. A SQL injection vulnerability exists in /doorgets/app/requests/user/configurationRequest.php in doorGets 7.0 at action=analytics. A user with remote backend administrator privileges or a user with administrative configuration analytics...
CVE-2019-11621
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=network. A remote background administrator privilege user or a user with permission to manage network configuration could exploit the vulnerability to obtain database sensitive...