2 matches found
CVE-2017-1000192
Cygnux sysPass
CVE-2015-6516
sysPass (cygnux.org) is affected by a SQL injection vulnerability in versions 1.0.9 and earlier. The flaw arises in ajax/ajax_search.php where the search parameter is not properly filtered, allowing remote authenticated users to execute arbitrary SQL commands. This aligns with multiple sources (N...