2 matches found
Ideagen Easysite SQL Injection Vulnerability
Ideagen Easysite is a web content management system from Ideagen UK. A SQL injection vulnerability exists in the CInfoService.asmx file of WebServices in Ideagen Easysite version 7.0. The vulnerability can be exploited by remote attackers to execute arbitrary SQL commands via a specially crafted...
CVE-2017-9848
CVE-2017-9848 affects Ideagen Easysite 7.0, specifically the WebServices component C_InfoService.asmx. A SQL injection vulnerability exists in GetArticleHitsArray when processing a crafted XML document containing a targeted ArticleIDs element, enabling remote attackers to execute arbitrary SQL co...