CVE-2019-5476

An SQL Injection in the Nextcloud Lookup-Server < v0.3.0 (running on https://lookup.nextcloud.com) caused unauthenticated users to be able to execute arbitrary SQL commands.
References
Link Resource
https://hackerone.com/reports/508487 Release Notes Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:nextcloud:lookup-server:*:*:*:*:*:*:*:*

Information

Published : 2019-08-07 05:15

Updated : 2019-10-09 11:50


NVD link : CVE-2019-5476

Mitre link : CVE-2019-5476

Products Affected
No products.
CWE