CVE-2011-0645

2011-01-2518:00:00

mitre

www.cve.org

8.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

21.7%

JSON

SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the where_time parameter in a get action.

References

osvdb.org/70655

securityreason.com/wlb_show/WLB-2011010077

www.securityfocus.com/bid/45913

exchange.xforce.ibmcloud.com/vulnerabilities/64828