SQL Injection Vulnerability in doorGets 7.0: Unauthorized Database Access via modulecategory_edit_titre
CVE-2019-11622 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php. A remote background administrator privilege user (or a user with permission to manage modulecategory) could exploit the vulnerability to obtain database sensitive information via modulecategory_edit_titre.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.