CVE-2019-11623 (doorgets_cms)

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=siteweb. A remote background administrator privilege user (or a user with permission to manage configuration siteweb) could exploit the vulnerability to obtain database sensitive information.
Source: NIST
CVE-2019-11623 (doorgets_cms)

Leave a Reply

Your email address will not be published.