Sql injection

2008-06-0315:32:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

47.6%

JSON

Multiple SQL injection vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to execute arbitrary SQL commands via the del parameter to (1) gbuch.admin.php, (2) links.admin.php, (3) menue.admin.php, (4) news.admin.php, and (5) todo.admin.php in admin/module/.

CPENameOperatorVersion
phoenix_view_cmseq2.0.0-prealpha

CPE	Name	Operator	Version
	phoenix_view_cms	eq	2.0.0-prealpha

References

exchange.xforce.ibmcloud.com/vulnerabilities/42316

www.exploit-db.com/exploits/5578