15 Juil 2019
Vulnérabilité CVE-2019-1010034 CVE Vulnerability
Deepwoods Software WebLibrarian 3.5.2 and earlier is affected by: SQL Injection. The impact is: Exposing the entire database. The component is: Function "AllBarCodes" (defined at database_code.php line 1018) is vulnerable to a boolean-based blind sql injection. This function call can be triggered by any user logged-in with at least Volunteer role or manage_circulation capabilities. PoC : /wordpress/wp-admin/admin.php?page=weblib-circulation-desk&orderby=title&order=DESC. (CVSS:0.0) (Last Update:2019-07-15)
Vulnerability Details : Deepwoods Software WebLibrarian 3.5.2 and earlier is affected by: SQL Injection. The impact is: Exposing the entire database. The component is: Function "AllBarCodes" (defined at database_code.php line 1018) is vulnerable to a boolean-based blind sql injection. This function call can be triggered by any user logged-in with at least Volunteer role or manage_circulation capabilities. PoC : /wordpress/wp-admin/admin.php?page=weblib-circulation-desk&orderby=title&order=DESC. Publish Date : 2019-07-15 Last Update Date : 2019-07-15 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2019-1010034
- References For CVE-2019-1010034
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2019-1010034There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |