Lexiglot through 2014-11-20 allows SQL injection via an admin.php?page=users&from_id= or admin.php?page=history&limit= URI.
9.8CVSS
9.8AI Score
0.002EPSS
admin.php?page=projects in Lexiglot through 2014-11-20 allows command injection via username and password fields.
9.8CVSS
9.8AI Score
0.013EPSS