2 matches found
CVE-2016-3688
Vulnerability overview: CVE-2016-3688 is a SQL injection in dotCMS prior to version 3.5, exploitable via the c0-e3 parameter in dwr/call/plaincall/UserAjax.getUsersList.dwr. Affected software: dotCMS (CMS) prior to 3.5. Root cause / impact: Failure to properly validate the c0-e3 parameter allows ...
DotCMS 3.3 SQL Injection
1¡¢Description Exploit Title: SQL Injection Vulnerability in DotCms v3.3 Date: 3-28-2016 Vendor Homepage: http://dotcms.com/ Vendor: dotcms Software: Content Management System Version: v3.3 CVE:CVE-2016-3688 2¡¢Product Summary ================ dotcms is a fully featured open source enterprise gra...