MidnightBSD

Advisories for premium_minecraft_servers_list_project

CVE-2018-5749 HIGH

install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote attackers to execute arbitrary PHP code via the (1) database_server, (2) database_user, (3) database_password, or (4) database_name parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-434,

Products Affected

Vendor Product Version
premium_minecraft_servers_list_project premium_minecraft_servers_list *
minecraft_servers_list_lite_project minecraft_servers_list_lite *