4 matches found
CVE-2023-1322
A vulnerability was found in lmxcms 1.41 and classified as critical. Affected by this issue is the function reply of the file BookAction.class.php. The manipulation of the argument id with the input 1 and updatexml0,concat0x7e,user,1 leads to sql injection. The attack may be launched remotely. Th...
Sql injection
A vulnerability was found in lmxcms 1.41 and classified as critical. Affected by this issue is the function reply of the file BookAction.class.php. The manipulation of the argument id with the input 1 and updatexml0,concat0x7e,user,1 leads to sql injection. The attack may be launched remotely. Th...
CVE-2023-1322 lmxcms BookAction.class.php reply sql injection
A vulnerability was found in lmxcms 1.41 and classified as critical. Affected by this issue is the function reply of the file BookAction.class.php. The manipulation of the argument id with the input 1 and updatexml0,concat0x7e,user,1 leads to sql injection. The attack may be launched remotely. Th...
CVE-2023-1322
CVE-2023-1322 affects lmxcms 1.41, specifically the reply function in BookAction.class.php. The vulnerability allows SQL injection via the id parameter when an input such as 1) and updatexml(0,concat(0x7e,user()),1)# is processed, with remote exploitation possible and public disclosure of exploit...