Unrated severityOSV Advisory· Published Apr 20, 2019· Updated Aug 4, 2024

CVE-2019-11362

Description

app/controllers/frontend/PostController.php in ROCBOSS V2.2.1 has SQL injection via the Post:doReward score paramter, as demonstrated by the /do/reward/3 URI.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Rocboss/RocbossOSV2 versions
V2.0, v2.1.0, v2.1.1, …+ 1 more
- (no CPE)range: V2.0, v2.1.0, v2.1.1, …
- (no CPE)range: = 2.2.1

Patches

Vulnerability mechanics

References

github.com/rocboss/ROCBOSS/issues/12mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000