CVE-2019-18663

A SQL injection vulnerability in a /login/forgot1 POST request in ARP-GUARD 4.0.0-5 allows unauthenticated remote attackers to execute arbitrary SQL commands via the user_id parameter.
References
Link Resource
https://atomic111.github.io/article/arp-guard-sql-injection Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:isl:arp-guard:4.0.0-5:*:*:*:*:*:*:*

Information

Published : 2019-11-04 08:15

Updated : 2019-11-05 06:12


NVD link : CVE-2019-18663

Mitre link : CVE-2019-18663

Products Affected
No products.
CWE