3 matches found
Square 9 GlobalForms 6.2.x Blind SQL Injection Exploit
Exploit for php platform in category web applications Blind SQL Injection in Square 9 GlobalForms = 6.2.x CVE-2018-8820 Product Description GlobalFormsAr is Square 9as powerful web forms product. GlobalForms can live separate of GlobalSearch and runs on a separate Web Engine. Vulnerability Type...
Square 9 GlobalForms 6.2.x Blind SQL Injection
Blind SQL Injection in Square 9 GlobalForms = 6.2.x CVE-2018-8820 Product Description GlobalFormsAr is Square 9as powerful web forms product. GlobalForms can live separate of GlobalSearch and runs on a separate Web Engine. Vulnerability Type Blind SQL injection Vulnerability Description Square 9...
CVE-2018-8820
Square 9 GlobalForms 6.2.x is vulnerable to a time-based SQL injection in the match parameter. The issue allows remote authenticated attackers to execute arbitrary SQL and, in some cases, upgrade to full server compromise via xp_cmdshell; authentication can sometimes be achieved with default admi...