VYPR
Critical severity9.8NVD Advisory· Published Jun 11, 2019· Updated Jun 17, 2026

CVE-2019-12149

CVE-2019-12149

Description

SQL injection vulnerability in silverstripe/restfulserver module 1.0.x before 1.0.9, 2.0.x before 2.0.4, and 2.1.x before 2.1.2 and silverstripe/registry module 2.1.x before 2.1.1 and 2.2.x before 2.2.1 allows attackers to execute arbitrary SQL commands.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
silverstripe/restfulserverPackagist
>= 2.1.0, < 2.1.22.1.2
silverstripe/registryPackagist
>= 2.1.0, < 2.1.12.1.1
silverstripe/registryPackagist
>= 2.2.0, < 2.2.12.2.1
silverstripe/restfulserverPackagist
>= 1.0.0, < 1.0.91.0.9
silverstripe/restfulserverPackagist
>= 2.0.0, < 2.0.42.0.4

Affected products

3

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.