SQL Injection Vulnerability in Froxlor 0.10.29.1 via Custom DB Name

SQL Injection Vulnerability in Froxlor 0.10.29.1 via Custom DB Name

CVE-2021-42325 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.