5 matches found
CVE-2018-17831
In REDAXO before 5.6.3, a critical SQL injection vulnerability has been discovered in the rexlist class because of the prepareQuery function in core/lib/list.php, via the index.php?page=users/users sort parameter. Endangered was the backend and the frontend only if rexlist were used...
CVE-2018-17831
In REDAXO before 5.6.3, a critical SQL injection vulnerability has been discovered in the rexlist class because of the prepareQuery function in core/lib/list.php, via the index.php?page=users/users sort parameter. Endangered was the backend and the frontend only if rexlist were used...
Sql injection
In REDAXO before 5.6.3, a critical SQL injection vulnerability has been discovered in the rexlist class because of the prepareQuery function in core/lib/list.php, via the index.php?page=users/users sort parameter. Endangered was the backend and the frontend only if rexlist were used...
CVE-2018-17831
CVE-2018-17831 affects REDAXO prior to 5.6.3. The vulnerability is a SQL injection in the rex_list class caused by the prepareQuery function in core/lib/list.php, exploitable via index.php?page=users/users with the sort parameter. Impact concerns backend and also frontend when rex_list is used. T...
CVE-2018-17831
In REDAXO before 5.6.3, a critical SQL injection vulnerability has been discovered in the rexlist class because of the prepareQuery function in core/lib/list.php, via the index.php?page=users/users sort parameter. Endangered was the backend and the frontend only if rexlist were used...