cve/CVE-2019-5110.md at 594c8e952101730b1f9f9e6ac2afce8de85a4446

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

Exploitable SQL injection vulnerabilities exist in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and, in certain configurations, access the underlying operating system.

POC

Reference

https://talosintelligence.com/vulnerability_reports/TALOS-2019-0903

Github

https://github.com/AbuHanifSiam/SQLInjection-Testing-on-a-Website
https://github.com/AbuHanifSiam/SQLi-Injection-Testing-on-a-Website

1.1 KiB Raw Blame History

CVE-2019-5110

Description

POC

Reference

Github

1.1 KiB

Raw Blame History