CVE-2011-4959

2012-09-17T17:55:00
ID CVE-2011-4959
Type cve
Reporter cve@mitre.org
Modified 2012-10-15T04:00:00

Description

SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.