Jump to content

[FG-VD-19-086] LiveZilla Server is vulnerable to SQL Injection II

sqli security bug

2 replies to this topic

#1 tsug0d_


  • Members
  • PipPip
  • 17 posts

Posted 24 June 2019 - 09:34 AM

Vulnerability Notification
June 24, 2019
Tracking Case #: FG-VD-19-086
Fortinet's FortiGuard Labs have discovered a security issue in your LiveZilla Server product. We estimate its risk to 4, on a scale of 1 (lowest) to 5 (highest), in terms of its impact. Please advise of the appropriate contact person in your company to handle this issue.
Fortinet's research remains ethical at all times, and we therefore strive to Responsible Disclosure. Fortinet vulnerability disclosure policy can be found at https://fortiguard.c...ble-disclosure

Please find a details report in attachment.

Attached Files

#2 Patrick Keil


  • Administrators
  • 3841 posts
  • LocationSingen, Germany

Posted 25 June 2019 - 08:16 AM


Thanks for bringing this to our attention.

I can confirm this issue. A fix will be included in our todays update

Thanks again.

#3 tsug0d_


  • Members
  • PipPip
  • 17 posts

Posted 25 June 2019 - 02:06 PM

Thanks for fast response & fix timeline, update cve id: CVE-2019-12960

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users