2 matches found
Appnitro MachForm < 4.2.3 Multiple Vulnerabilities
Appnitro MachForm is prone to multiple vulnerabilities. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you c...
CVE-2018-6411
CVE-2018-6411 affects Appnitro MachForm before 4.2.3. The vulnerability arises when a form filters: a blacklist may automatically include dangerous extensions, while a whitelist can be bypassed via an ap_form_elements SQL Injection. This implies risk of SQL Injection and filter bypass (impacting ...