4 matches found
CVE-2019-5109
Exploitable SQL injection vulnerabilities exists in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...
CVE-2019-5109
Exploitable SQL injection vulnerabilities exists in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...
CVE-2019-5109
Exploitable SQL injection vulnerabilities exists in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...
CVE-2019-5109
Forma LMS 2.2.1 is affected by SQL injection vulnerabilities in the authenticated portion. The TALOS advisory/TALOS-2019-0902 details SQLi in /appCore/ajax.adm_server.php (dir parameter) and TALOS-2019-0903/0904 describe additional vectors; CVE-2019-5109 covers /appLms/ajax.server.php filter_cat ...