SQL Injection Vulnerability in Kohana through 3.3.6 via Controlled order_by() Parameter
CVE-2019-8979 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Kohana through 3.3.6 has SQL Injection when the order_by() parameter can be controlled.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.