5 matches found
CVE-2019-19245
NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginFormusername field when double quotes are used...
CVE-2019-19245
creationtimestamp| type| source ---|---|--- 2025-02-02 11:26:15+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/3789 2025-02-03 08:53:13+00:00| seen| https://bsky.app/profile/hacker.at.thenote.app/post/3lhb64vdklk2n 2025-02-06 02:39:09+00:00| seen|...
NAPC Xinet Elegant 6 Asset Library SQL injection (CVE-2019-19245)
An SQL injection vulnerability exists in NAPC Xinet Elegant 6 Asset Library. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
CVE-2019-19245
NAPC Xinet Elegant 6 Asset Library Web Interface v6.1.655 is affected by a Pre-Authentication SQL Injection in the /elegant6/login endpoint via the LoginForm[username] field when double quotes are used. Root cause is lack of input validation allowing SQL statements to be injected before authentic...
Xinet Elegant 6 Asset Library Web Interface 6.1.655 SQL Injection Vulnerability
NAPC Xinet interface Elegant 6 Asset Library version 6.1.655 allows pre-authentication error-based SQL injection via the /elegant6/login LoginFormusername field when double quotes are used. + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...