CVE-2018-25071
CVE-2018-25071 affects roxlukas LMeve up to 0.1.58. The vulnerability is in the function insert_log of wwwroot/ccpwgl/proxy.php, where manipulation of the fetch parameter enables SQL injection. The issue is mitigated by upgrading to version 0.1.59-beta (patch identified as c25ff7fe83a2cda1fcb365b...