3 matches found
SQL Injection
tribalsystems/zenario is vulnerable to SQL injection. The vulnerability exists due to a lack of sanitization of the ID input field of ajax.php in the Pugin library - delete module...
GHSA-W4F3-7F7C-X652 SQL Injection in tribalsystems/zenario
SQL Injection in Tribalsystems Zenario CMS 8.8.52729 and prior allows remote attackers to access the database or delete the plugin. This is accomplished via the ID input field of ajax.php in the Pugin library - delete module...
CVE-2021-26830
SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the ID input field of ajax.php in the Pugin library - delete module...