VYPR

GlobalForms

by Square 9

CVEs (1)

  • CVE-2018-8820HigMar 28, 2018
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based SQL injection vulnerability in the "match" parameter allows remote authenticated attackers to execute arbitrary SQL commands. It is possible to upgrade access to full server compromise via xp_cmdshell. In some…