CVE-2019-19245
N/A
N/A
Summary
NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginForm[username] field when double quotes are used.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://hyp3rlinx.altervista.org
- https://packetstormsecurity.com/files/155505/Xinet-Elegant-6-Asset-Library-Web-Interface-6.1.655-SQL-Injection.html
- http://seclists.org/fulldisclosure/2025/Feb/0
References
- http://hyp3rlinx.altervista.org
- https://packetstormsecurity.com/files/155505/Xinet-Elegant-6-Asset-Library-Web-Interface-6.1.655-SQL-Injection.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.