RSS   Vulnerabilities for 'Xinet elegant 6 asset library'   RSS

2019-12-02
 
CVE-2019-19245

CWE-89
 

 
NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginForm[username] field when double quotes are used.

 


Copyright 2024, cxsecurity.com

 

Back to Top