Vulnerabilities > Flamingo Project

DATE CVE VULNERABILITY TITLE RISK
2020-12-26 CVE-2020-35245 SQL Injection vulnerability in Flamingo Project Flamingo 20200929
Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::addUser.
network
low complexity
flamingo-project CWE-89
critical
9.8
2020-12-26 CVE-2020-35244 SQL Injection vulnerability in Flamingo Project Flamingo 20200929
Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::addGroup.
network
low complexity
flamingo-project CWE-89
critical
9.8
2020-12-26 CVE-2020-35243 SQL Injection vulnerability in Flamingo Project Flamingo 20200929
Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::updateUserInfoInDb.
network
low complexity
flamingo-project CWE-89
critical
9.8
2020-12-26 CVE-2020-35242 SQL Injection vulnerability in Flamingo Project Flamingo 20200929
Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::updateUserTeamInfoInDbAndMemory.
network
low complexity
flamingo-project CWE-89
critical
9.8