2 matches found
CVE-2014-3446
CVE-2014-3446 describes an unauthenticated SQL injection in BSS Continuity CMS 4.2.22640.0, specifically in wcm/system/pages/admin/getnode.aspx via the nodeid parameter. The vulnerability arises from lack of input sanitization when constructing an SQL query to retrieve node information, allowing ...
BSS Continuity CMS 4.2.22640.0 SQL Injection
Vulnerability title: Unauthenticated Blind SQL Injection in BSS Continuity CMS CVE: CVE-2014-3446 Vendor: BSS Product: Continuity CMS Affected version: 4.2.22640.0 Fixed version: N/A Reported by: Jerzy Kramarz Details: he following URL and parameters have been confirmed to suffer from Blind SQL...