← Back to CVE List
CVE-2019-11362
Published:
2019-04-20T13:29Z
Last Modified:
2024-11-21T04:20Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
app/controllers/frontend/PostController.php in ROCBOSS V2.2.1 has SQL injection via the Post:doReward score paramter, as demonstrated by the /do/reward/3 URI. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt