VDB
GCVE-110-MAGEIA-2019-144
GCVE-110-MAGEIA-2019-144
Advisory Published
Multiple xmlrpc call handlers in Koji’s hub code contain SQL injection
bugs. By passing carefully constructed arguments to these calls, an
unauthenticated user can issue arbitrary SQL commands to Koji’s database.
This gives the attacker broad ability to manipulate or destroy data
(CVE-2018-1002161).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | koji | 0 (affected), 1.12.2-1.mga6 (unaffected), 0 (affected), 1.12.2-1.mga6 (unaffected) | — |
| Mageia | liveusb-creator | 0 (affected), 3.14.2-4.2.mga7 (unaffected) | — |
Aliases
References
Browse GCVE Records
72,664 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.