12 matches found
EUVD-2018-13831
Malware in sbrugna...
CVE-2018-25071
A vulnerability was found in roxlukas LMeve up to 0.1.58. It has been rated as critical. Affected by this issue is the function insertlog of the file wwwroot/ccpwgl/proxy.php. The manipulation of the argument fetch leads to sql injection. Upgrading to version 0.1.59-beta is able to address this...
CVE-2018-25071
A vulnerability was found in roxlukas LMeve up to 0.1.58. It has been rated as critical. Affected by this issue is the function insertlog of the file wwwroot/ccpwgl/proxy.php. The manipulation of the argument fetch leads to sql injection. Upgrading to version 0.1.59-beta is able to address this...
CVE-2018-25071
A vulnerability was found in roxlukas LMeve up to 0.1.58. It has been rated as critical. Affected by this issue is the function insertlog of the file wwwroot/ccpwgl/proxy.php. The manipulation of the argument fetch leads to sql injection. Upgrading to version 0.1.59-beta is able to address this...
Sql injection
A vulnerability was found in roxlukas LMeve up to 0.1.58. It has been rated as critical. Affected by this issue is the function insertlog of the file wwwroot/ccpwgl/proxy.php. The manipulation of the argument fetch leads to sql injection. Upgrading to version 0.1.59-beta is able to address this...
CVE-2018-25071
CVE-2018-25071 affects roxlukas LMeve up to 0.1.58. The vulnerability is in the function insert_log of wwwroot/ccpwgl/proxy.php, where manipulation of the fetch parameter enables SQL injection. The issue is mitigated by upgrading to version 0.1.59-beta (patch identified as c25ff7fe83a2cda1fcb365b...
CVE-2021-4246
A vulnerability was found in roxlukas LMeve and classified as critical. Affected by this issue is some unknown functionality of the component Login Page. The manipulation of the argument X-Forwarded-For leads to sql injection. The attack may be launched remotely. The name of the patch is...
CVE-2021-4246
A vulnerability was found in roxlukas LMeve and classified as critical. Affected by this issue is some unknown functionality of the component Login Page. The manipulation of the argument X-Forwarded-For leads to sql injection. The attack may be launched remotely. The name of the patch is...
Sql injection
A vulnerability was found in roxlukas LMeve and classified as critical. Affected by this issue is some unknown functionality of the component Login Page. The manipulation of the argument X-Forwarded-For leads to sql injection. The attack may be launched remotely. The name of the patch is...
CVE-2021-4246
CVE-2021-4246 affects roxlukas LMeve Login Page; the vulnerability arises from manipulating the X-Forwarded-For parameter to trigger a SQL injection. The issue can be exploited remotely and a patch named 29e1ead3bb1c1fad53b77dfc14534496421c5b5d is recommended (no details on affected versions are ...
CVE-2021-4246 roxlukas LMeve Login Page sql injection
A vulnerability was found in roxlukas LMeve and classified as critical. Affected by this issue is some unknown functionality of the component Login Page. The manipulation of the argument X-Forwarded-For leads to sql injection. The attack may be launched remotely. The name of the patch is...
PT-2022-11598
Name of the Vulnerable Software and Affected Versions roxlukas LMeve affected versions not specified Description A critical issue was found in the Login Page component of roxlukas LMeve, where the manipulation of the X-Forwarded-For argument leads to sql injection. This issue can be exploited...