huzr2018

1 exploit Active since Feb 2019
CVE-2019-8979 WRITEUP CRITICAL WORKING POC
Kohana < 3.3.6 - SQL Injection via order_by Parameter
Kohana through 3.3.6 has SQL Injection when the order_by() parameter can be controlled.
CVSS 9.8