5 matches found
CVE-2019-11512
Contao 4.x allows SQL Injection. Fixed in Contao 4.4.39 and Contao 4.7.5...
CVE-2019-11512
Contao 4.x allows SQL Injection. Fixed in Contao 4.4.39 and Contao 4.7.5...
CVE-2019-11512
Contao 4.x allows SQL Injection. Fixed in Contao 4.4.39 and Contao 4.7.5...
CVE-2019-11512
CVE-2019-11512 describes an SQL injection in Contao 4.x, exploitable via the file manager. Affected versions span Contao 4.1 through 4.7.4, with exposure up to 4.4.38. The issue is fixed in Contao 4.4.39 and 4.7.5 (as confirmed by multiple sources). Red Hat notes the same fixed versions; other ad...
SQL injection in the file manager
Date : 2019-04-30 CVE ID : CVE-2019-11512 Description David Wind, penetration tester with A1 Digital, has discovered that the SQL injection vulnerability originally published under CVE-2017-16558 can still be exploited in the file manager in Contao 4. The security vulnerability has the identifier...