CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Rockoa: >> Rockoa Security Vulnerabilities

CVE-2019-9846

RockOA 1.8.7 allows remote attackers to obtain sensitive information because the webmain/webmainAction.php publictreestore method constructs a SQL WHERE clause unsafely by using the pidfields and idfields parameters, aka background SQL injection.

CVSS Score

8.8

EPSS Score

0.002

Published

2019-06-28

Page 2

Vulnerabilities

Vulnerable Software

Rockoa: >> Rockoa Security Vulnerabilities

Products

Pricing

Contact Us