CVE-2019-9047

GoRose v1.0.4 has SQL Injection when the order_by or group_by parameter can be controlled.
References
Link Resource
https://github.com/huzr2018/orderby_SQLi/tree/master/gorose Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:fizzday:gorose:1.0.4:*:*:*:*:*:*:*

Information

Published : 2019-02-23 09:29

Updated : 2019-02-25 03:19


NVD link : CVE-2019-9047

Mitre link : CVE-2019-9047

Products Affected
No products.
CWE