3 matches found
CVE-2024-0523
A vulnerability was found in CmsEasy up to 7.7.7. It has been declared as critical. Affected by this vulnerability is the function getslidechildaction in the library lib/admin/languageadmin.php. The manipulation of the argument sid leads to sql injection. The attack can be launched remotely. The...
Sql injection
A vulnerability was found in CmsEasy up to 7.7.7. It has been declared as critical. Affected by this vulnerability is the function getslidechildaction in the library lib/admin/languageadmin.php. The manipulation of the argument sid leads to sql injection. The attack can be launched remotely. The...
CVE-2024-0523
CmsEasy CVE-2024-0523 affects versions up to 7.7.7. The vulnerability is in function getslide_child_action (library lib/admin/language_admin.php) where improper handling of the sid parameter enables SQL injection. The issue can be triggered remotely and has been publicly disclosed. No patch/versi...