Sql injection

2024-02-1409:15:00

PRIOn knowledge base

www.prio-n.com

blind sql injection

cu solutions group

content management system

remote code execution

privilege escalation

sensitive information leakage

crafted script

8.6 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

37.4%

JSON

Blind SQL Injection vulnerability in CU Solutions Group (CUSG) Content Management System (CMS) before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the pages.php component.

References

www.lmgsecurity.com/news/critical-software-vulnerabilities-impacting-credit-unions-discovered-by-lmg-security-researcher-immediate-action-recommended/