Lucene search

GoogleOSV:GHSA-GJCJ-FJ23-5J5V

HistoryMay 17, 2022 - 2:50 a.m.

GeniXCMS SQL injection vulnerability

2022-05-1702:50:57

Google

osv.dev

genixcms

sql injection

remote attackers

arbitrary sql commands

activation parameter

AI Score

8.7

Confidence

Low

EPSS

0.002

Percentile

54.2%

JSON

SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter.

References

www.hackersb.cn/shenji/107.html

www.securityfocus.com/bid/95172

github.com/GeniXCMS/GeniXCMS

github.com/semplon/GeniXCMS/commit/d885eb20006099262c0278932b9f8aca3c1ac97f

github.com/semplon/GeniXCMS/issues/58

nvd.nist.gov/vuln/detail/CVE-2016-10096