Vulnerabilities > Apache > Virtual Computing LAB > 2.2.1

DATE CVE VULNERABILITY TITLE RISK
2019-07-29 CVE-2018-11774 SQL Injection vulnerability in Apache Virtual Computing LAB
Apache VCL versions 2.1 through 2.5 do not properly validate form input when adding and removing VMs to and from hosts.
network
low complexity
apache CWE-89
7.2
7.2
2019-07-29 CVE-2018-11773 Improper Input Validation vulnerability in Apache Virtual Computing LAB
Apache VCL versions 2.1 through 2.5 do not properly validate form input when processing a submitted block allocation.
network
low complexity
apache CWE-20
critical
 9.8
9.8
2019-07-29 CVE-2018-11772 SQL Injection vulnerability in Apache Virtual Computing LAB
Apache VCL versions 2.1 through 2.5 do not properly validate cookie input when determining what node (if any) was previously selected in the privilege tree.
network
low complexity
apache CWE-89
7.2
7.2