Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 5:52 p.m.14 views

CVE-2019-5111

Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filtercat was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with parameters...

8.8CVSS7.4AI score0.01393EPSS
Exploits1References1
NVD
NVD
added 2019/12/03 10:15 p.m.26 views

CVE-2019-5111

Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filtercat was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with parameters...

8.8CVSS7.9AI score0.01393EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/12/03 9:37 p.m.27 views

CVE-2019-5111

Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filtercat was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with parameters...

7.4CVSS8.8AI score0.01393EPSS
Exploits1References1
CVE
CVE
added 2019/12/03 9:37 p.m.76 views

CVE-2019-5111

Forma LMS 2.2.1 is affected by authenticated SQL injection in the /appLms/ajax.server.php endpoint, specifically parameters filter_cat and filter_status. Talos and multiple sources confirm exploitable injections could lead to data disclosure (e.g., usernames/password hashes) and, in some configur...

8.8CVSS8.7AI score0.01393EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder