2 matches found
CVE-2015-10018
DBRisinajumi d2files has a SQL injection vulnerability in the file and function controllers/D2filesController.php: actionUpload/actionDownloadFile . The issue affects versions prior to 1.0.0 and is addressed by upgrading to 1.0.0 (patch id b5767f2ec9d0f3cbfda7f13c84740e2179c90574 ). Several sourc...
CVE-2015-10018 DBRisinajumi d2files D2filesController.php actionDownloadFile sql injection
A vulnerability has been found in DBRisinajumi d2files and classified as critical. Affected by this vulnerability is the function actionUpload/actionDownloadFile of the file controllers/D2filesController.php. The manipulation leads to sql injection. Upgrading to version 1.0.0 is able to address...