2 matches found
CVE-2009-1066
Pixie CMS 1.01a is affected by CVE-2009-1066 due to an SQL injection in the referral function (admin/lib/lib_logs.php). The vulnerability can be triggered via the Referer HTTP header, enabling remote attackers to execute arbitrary SQL commands against the database. Multiple sources in the connect...
Pixie CMS SQL Injection and Cross Site Scripting Vulnerabilities
Pixie CMS is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modif...