An issue was discovered in Appnitro MachForm before 4.2.3. When the form is set to filter a blacklist, it automatically adds dangerous extensions to the filters. If the filter is set to a whitelist, the dangerous extensions can be bypassed through ap_form_elements SQL Injection.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-05-26T22:00:00
Updated: 2024-08-05T06:01:49.282Z
Reserved: 2018-01-30T00:00:00
Link: CVE-2018-6411
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-05-26T22:29:00.480
Modified: 2021-07-01T12:25:47.433
Link: CVE-2018-6411
Redhat
No data.