3 matches found
EUVD-2018-21446
Malware in sbrugna...
CVE-2018-9852
In Gxlcms QY v1.0.0713, the vulnerable component is Lib\Lib\Action\Home\HitsAction.class.php. The issue allows remote attackers to read data from the database by injecting a FROM clause into the query string of a Home-Hits request (e.g., sid=user,password%20from%20mysql.user%23). This appears as ...
Gxlcms QY Information Disclosure Vulnerability
Gxlcms QY is an enterprise website creation system. A security vulnerability exists in the Lib\Lib\Action\Home\HitsAction.class.php file in Gxlcms QY version 1.0.0713. The vulnerability can be exploited by a remote attacker to read data from the database by injecting FROM clauses into the query...