Jump to content

[FG-VD-19-082] LiveZilla Server is vulnerable to SQL Injection

sql injection bug security

2 replies to this topic

#1 tsug0d_


  • Members
  • PipPip
  • 17 posts

Posted 21 June 2019 - 04:26 PM

Vulnerability Notification
June 22, 2019
Tracking Case #: FG-VD-19-082
Fortinet's FortiGuard Labs have discovered a security issue in your LiveZilla Server product. We estimate its risk to 4, on a scale of 1 (lowest) to 5 (highest), in terms of its impact. Please advise of the appropriate contact person in your company to handle this issue.
Fortinet's research remains ethical at all times, and we therefore strive to Responsible Disclosure. Fortinet vulnerability disclosure policy can be found at https://fortiguard.c...ble-disclosure

Please find a details report in attachment.

Attached Files

#2 Patrick Keil


  • Administrators
  • 3871 posts
  • LocationSingen, Germany

Posted 24 June 2019 - 07:57 AM


Thanks for bringing this to our attention.

I can confirm this issue. A fix will be included in our next update coming tomorrow (2019-06-25).

Thanks again.

#3 tsug0d_


  • Members
  • PipPip
  • 17 posts

Posted 25 June 2019 - 03:22 AM

Thanks for fast response & fix timeline, update cve id: CVE-2019-12939

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users