Security Advisory

CVE-2019-18663

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-11-04 19:08:13

Last updated 2024-08-05 01:54:14

Assigner mitre

State PUBLISHED

Description

A SQL injection vulnerability in a /login/forgot1 POST request in ARP-GUARD 4.0.0-5 allows unauthenticated remote attackers to execute arbitrary SQL commands via the user_id parameter.

← Browse all CVEs View on cve.org ↗