SQL Injection exists in MailSherlock ... CVE-2018-17542

5.0 AV AC AU C I A
发布: 2019-02-11
修订: 2019-02-16

SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds allows an unauthenticated user to extract the subjects of the emails of other users within the enterprise via the select_mid parameter in an letgo.cgi request.

0%
暂无可用Exp或PoC
产品及版本信息(CPE)暂不可用