Unauthenticated Blind SQL injection

Admidio / admidio

Admidio is a free open source user management system for websites of organizations and groups. The system has a flexible role model so that it’s possible to reflect the structure and permissions of your organization.

https://www.admidio.org

GNU General Public License v2.0

336 stars 131 forks source link

Unauthenticated Blind SQL injection #908

Closed M507 closed 4 years ago

M507 commented 4 years ago

Hi,

I want to report a critical vulnerability in Admidio management system. Can you please start a security advisory in the security section and add me to it, so we can discuss the vulnerability privately?

ximex commented 4 years ago

haven't done this before. hope i did it right

M507 commented 4 years ago

The security advisory has been updated with the details.