6 matches found
CVE-2021-42325
Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name...
Exploit for SQL Injection in Froxlor
CVE-2021-42325-...
Froxlor SQL Injection (CVE-2021-42325)
An SQL injection vulnerability exists in Froxlor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Froxlor 0.10.29.1 - SQL Injection (Authenticated) Vulnerability
Exploit Title: Froxlor 0.10.29.1 - SQL Injection Authenticated Exploit Author: Martin Cernac Vendor: Froxlor https://froxlor.org/ Software Link: https://froxlor.org/download.php Affected Version: 0.10.28, 0.10.29, 0.10.29.1 Patched Version: 0.10.30 Category: Web Application Tested on: Ubuntu CVE:...
Froxlor 0.10.29.1 SQL Injection
Exploit Title: Froxlor 0.10.29.1 - SQL Injection Authenticated Exploit Author: Martin Cernac Date: 2021-11-05 Vendor: Froxlor https://froxlor.org/ Software Link: https://froxlor.org/download.php Affected Version: 0.10.28, 0.10.29, 0.10.29.1 Patched Version: 0.10.30 Category: Web Application Teste...
CVE-2021-42325
Froxlor up to version 0.10.29.1 is affected by an SQL injection in Database/Manager/DbManagerMySQL.php when a custom database name is used. The issue enables an attacker with authenticated access to potentially escalate privileges; PoC/exploits exist (e.g., Exploit-DB 50502) and public advisories...