2 matches found
CVE-2015-7568
CVE-2015-7568 corresponds to a SQL injection vulnerability in the password recovery feature of Yeager CMS 1.2.1. The flaw, exploitable via the userEmail parameter, can allow remote attackers to change the credentials of known accounts. The affected product is Yeager CMS (version 1.2.1); the under...
CVE-2015-7568
SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote attackers to change the account credentials of known users via the "userEmail" parameter...