ID:

CVE-2019-13978 (NVD)

- Vulnerability Info (edit)
2019-07-19

Ovidentia 8.4.3 has SQL Injection via the id parameter in an index.php?tg=delegat&idx=mem request.

Products Ovidentia
Type Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)
First patch - None (likely due to unavailable code)
Patches https://github.com/Kitsun3Sec/exploits/blob/master/cms/ovidentia/exploitSQLIOvidentia.txt
Links http://packetstormsecurity.com/files/153738/Ovidentia-8.4.3-SQL-Injection.html
Annotation

Note:

No patch was assigned yet.