MidnightBSD

Advisories for fizzday

CVE-2019-9047 HIGH

GoRose v1.0.4 has SQL Injection when the order_by or group_by parameter can be controlled.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
fizzday gorose 1.0.4