CyberSec.Space Logo
Back to CVE Browser

CVE-2019-15566

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0120%
EPSS Percentile10.63th
PublishedAug 26, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

The Alfresco application before 1.8.7 for Android allows SQL injection in HistorySearchProvider.java.

Affected Platforms (CPE)

πŸ“¦
Alfresco

Alfresco

< 1.8.7

References & Advisories

πŸ”— https://github.com/Alfresco/alfresco-android-app/pull/547
πŸ”— https://github.com/Alfresco/alfresco-android-app/releases/tag/1.8.7
πŸ”— https://github.com/Alfresco/alfresco-android-app/pull/547
πŸ”— https://github.com/Alfresco/alfresco-android-app/releases/tag/1.8.7

Related Vulnerabilities

CVE-2019-142229.8

An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authentica...

CVE-2020-151819.3

The Alfresco Reset Password add-on before version 1.2.0 relies on untrusted inputs in a security decision. Intruders can get admin...

CVE-2020-257288.8

The Reset Password add-on before 1.2.0 for Alfresco has a broken algorithm (involving an increment) that allows a malicious user t...

CVE-2020-128738.8

An issue was discovered in Alfresco Enterprise Content Management (ECM) before 6.2.1. A user with privileges to edit a FreeMarker ...