CVE-2015-3934

2017-11-21T15:29:00
ID CVE-2015-3934
Type cve
Reporter cve@mitre.org
Modified 2017-12-12T15:39:00

Description

Multiple SQL injection vulnerabilities in Fiyo CMS 2.0_1.9.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to apps/app_article/controller/rating.php or (2) user parameter to user/login.