CVE-2015-0919
Sefrengo CMS (before 1.6.1) is vulnerable to multiple SQL injection flaws in the administrative backend. Specifically, the backend/main.php parameters idcat and idclient can be manipulated to execute arbitrary SQL commands, enabling an attacker with remote access to affect the database. The issue...