CVE-2019-25443 | edlangley inventory-webapp GET Parameter add-item.php name/description/quantity/cat_id sql injection (Exploit 47356 / EDB-47356)

A vulnerability, which was classified as critical, has been found in edlangley inventory-webapp. Impacted is an unknown function of the file add-item.php of the component GET Parameter Handler. This manipulation of the argument name/description/quantity/cat_id causes sql injection.

This vulnerability is handled as CVE-2019-25443. The attack can be initiated remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More