🕵️ CVE-2015-10068 | danynab movify-j ReviewServiceImpl.java getByMovieId movieId/username sql injection
Nachrichtenbereich: 🕵️ Sicherheitslücken
🔗 Quelle: vuldb.com
A vulnerability classified as critical was found in danynab movify-j. This vulnerability affects the function getByMovieId
of the file app/business/impl/ReviewServiceImpl.java. The manipulation of the argument movieId/username leads to sql injection.
This vulnerability was named CVE-2015-10068. Access to the local network is required for this attack to succeed. There is no exploit available.
It is recommended to apply a patch to fix this issue. ...