6 matches found
CVE-2015-1518
SQL injection vulnerability in the searchpost function in includes/search.php in Redaxscript before 2.3.0 allows remote attackers to execute arbitrary SQL commands via the searchterms parameter...
CVE-2015-1518
SQL injection vulnerability in the searchpost function in includes/search.php in Redaxscript before 2.3.0 allows remote attackers to execute arbitrary SQL commands via the searchterms parameter...
CVE-2015-1518
The CVE-2015-1518 entry concerns Redaxscript, where versions prior to 2.3.0 contain a SQL injection in includes/search.php (search_post) that accepts input via the search_terms parameter, enabling remote arbitrary SQL execution. Public PoCs/exploits exist (e.g., PacketStorm, Exploit-DB entries) d...
KLA10501 Code execution Redaxscript vulnerability
SQL injection vulnerability was found in Redaxscript. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a searchterms parameters. Original advisories - Exploitation Public exploits exist for this vulnerability. Related...
RedaxScript CMS 2.2.0 - SQL Injection
Exploit Title: Radexscript CMS 2.2.0 - SQL Injection vulnerability Google Dork: N/A Date: 02/09/2015 Exploit Author: Pham Kien Cuong [email protected] & ITAS Team www.itas.vn Vendor Homepage: http://redaxscript.com/ Software Link: http://redaxscript.com/download/releases Version: Redaxscript...
Radexscript CMS 2.2.0 SQL Injection
Vulnerability title: Radexscript CMS 2.2.0 - SQL Injection vulnerability Vendor: http://redaxscript.com/ Product: Radexscript CMS Software link: http://redaxscript.com/download/releases Affected version: Redaxscript 2.2.0 Fixed version: Redaxscript 2.3.0 CVE ID: CVE-2015-1518 Author: Pham Kien...