CVE-2019-25347 - Kostasmitroglou Password Management Application

Critical 7.1

thesystem App 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the username parameter. Attackers can inject malicious SQL code like ' or '1=1 to the username field to gain unauthorized access to user accounts.

Affected software

Kostasmitroglou Password Management Application

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.