An exploitable SQL injection vulnerability exists in the unauthenticated portion of eFront LMS, versions v5.2.12 and earlier. Specially crafted web request to login page can cause SQL injections, resulting in data compromise. An attacker can use a browser to trigger these vulnerabilities, and no special tools are required.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: talos
Published: 2019-09-05T16:52:27
Updated: 2024-08-04T19:47:56.704Z
Reserved: 2019-01-04T00:00:00
Link: CVE-2019-5070
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-09-05T17:15:12.733
Modified: 2024-11-21T04:44:17.547
Link: CVE-2019-5070
Redhat
No data.