2 matches found
CVE-2020-23045
Macrob7 Macs Framework Content Management System - 1.14f was discovered to contain a SQL injection vulnerability via the 'roleId' parameter of the editRole and deletUser modules...
CVE-2020-23045
Macrob7 Macs Framework Content Management System, version 1.14f, is reported to contain an SQL injection vulnerability in the editRole and deletUser modules triggered by the roleId parameter. The root cause is improper handling of the roleId input leading to SQL injection. No explicit remediation...