4 matches found
CVE-2019-5111
Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filtercat was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with parameters...
CVE-2019-5111
Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filtercat was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with parameters...
CVE-2019-5111
Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filtercat was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with parameters...
CVE-2019-5111
Forma LMS 2.2.1 is affected by authenticated SQL injection in the /appLms/ajax.server.php endpoint, specifically parameters filter_cat and filter_status. Talos and multiple sources confirm exploitable injections could lead to data disclosure (e.g., usernames/password hashes) and, in some configur...