SQL Injection Vulnerability in DoorGets 7.0: Unauthorized Access to Database Sensitive Information
CVE-2019-11621 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=network. A remote background administrator privilege user (or a user with permission to manage network configuration) could exploit the vulnerability to obtain database sensitive information.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.