Lucene search
K

4 matches found

NVD
NVD
added 2019/12/03 10:15 p.m.28 views

CVE-2019-5109

Exploitable SQL injection vulnerabilities exists in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS8.2AI score0.01064EPSS
Exploits1References1
OSV
OSV
added 2019/12/03 10:15 p.m.5 views

CVE-2019-5109

Exploitable SQL injection vulnerabilities exists in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS7.2AI score0.01064EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/12/03 9:43 p.m.28 views

CVE-2019-5109

Exploitable SQL injection vulnerabilities exists in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

7.4CVSS9.1AI score0.01064EPSS
Exploits1References1
CVE
CVE
added 2019/12/03 9:43 p.m.78 views

CVE-2019-5109

Forma LMS 2.2.1 is affected by SQL injection vulnerabilities in the authenticated portion. The TALOS advisory/TALOS-2019-0902 details SQLi in /appCore/ajax.adm_server.php (dir parameter) and TALOS-2019-0903/0904 describe additional vectors; CVE-2019-5109 covers /appLms/ajax.server.php filter_cat ...

8.8CVSS8.9AI score0.01064EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder